urlscan.io logo urlscan.io
SecurityTrails logo

gaming-tricks.xyz Open in urlscan Pro
2a06:98c1:3120::3  Malicious Activity! Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://skidrowreloaded.pro/ofans.html
Effective URL: https://gaming-tricks.xyz/games/onlyfans-premium
Submission Tags: falconsandbox
Submission: On July 11 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 10 IPs in 2 countries across 7 domains to perform 18 HTTP transactions. The main IP is 2a06:98c1:3120::3, located in United States and belongs to CLOUDFLARENET, US. The main domain is gaming-tricks.xyz.
TLS certificate: Issued by GTS CA 1P5 on May 24th 2023. Valid for: 3 months.
This is the only time gaming-tricks.xyz was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Generic Scam (Online)

Domain & IP information

1    2606:4700:3033::6815:5368 (United States)

ASN13335 (CLOUDFLARENET, US)
skidrowreloaded.pro
1    2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)
gaming-tricks.xyz
1    2a04:4e42::729 (United States)

ASN54113 (FASTLY, US)
browser.sentry-cdn.com
2    2600:9000:20eb:bc00:18:af29:bac0:21 (United States)

ASN16509 (AMAZON-02, US)
d266key948fg17.cloudfront.net
1    2a00:1450:4001:827::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
1    2600:9000:2490:8200:18:1ea4:5480:21 (United States)

ASN16509 (AMAZON-02, US)
d1xv7hxes9rviq.cloudfront.net
3    172.217.16.142 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s46-in-f14.1e100.net
www.google-analytics.com
2    2a00:1450:4001:82f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
5    2600:9000:214f:2600:17:58b6:3240:21 (United States)

ASN16509 (AMAZON-02, US)
d1ph51qsmnjpvt.cloudfront.net
1    2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
Apex Domain
Subdomains		 Transfer
8 cloudfront.net
d266key948fg17.cloudfront.net
d1xv7hxes9rviq.cloudfront.net
d1ph51qsmnjpvt.cloudfront.net
223 KB
4 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 63
region1.google-analytics.com — Cisco Umbrella Rank: 1623
21 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 79
158 KB
1 googleapis.com
ajax.googleapis.com — Cisco Umbrella Rank: 433
30 KB
1 sentry-cdn.com
browser.sentry-cdn.com — Cisco Umbrella Rank: 4934
21 KB
1 gaming-tricks.xyz
gaming-tricks.xyz
5 KB
1 skidrowreloaded.pro
skidrowreloaded.pro
653 B
18 7
Domain Requested by
5 d1ph51qsmnjpvt.cloudfront.net d1xv7hxes9rviq.cloudfront.net
3 www.google-analytics.com gaming-tricks.xyz
browser.sentry-cdn.com
2 www.googletagmanager.com www.google-analytics.com
2 d266key948fg17.cloudfront.net gaming-tricks.xyz
1 region1.google-analytics.com www.googletagmanager.com
1 d1xv7hxes9rviq.cloudfront.net gaming-tricks.xyz
1 ajax.googleapis.com gaming-tricks.xyz
1 browser.sentry-cdn.com gaming-tricks.xyz
1 gaming-tricks.xyz skidrowreloaded.pro
1 skidrowreloaded.pro
18 10

This site contains no links.

Subject Issuer Validity Valid
skidrowreloaded.pro
GTS CA 1P5		 2023-07-05 -
2023-10-03		 3 months crt.sh
gaming-tricks.xyz
GTS CA 1P5		 2023-05-24 -
2023-08-22		 3 months crt.sh
*.sentry-cdn.com
GlobalSign Atlas R3 DV TLS CA 2022 Q3		 2022-09-28 -
2023-10-30		 a year crt.sh
*.cloudfront.net
Amazon RSA 2048 M01		 2022-12-08 -
2023-12-07		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2023-06-19 -
2023-09-11		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-06-19 -
2023-09-11		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://gaming-tricks.xyz/games/onlyfans-premium
Frame ID: 367FC948A6D8902E3308F4074FB7F9B7
Requests: 18 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

OnlyFans Premium Membership

Page URL History Show full URLs

  1. https://skidrowreloaded.pro/ofans.html Page URL
  2. https://gaming-tricks.xyz/games/onlyfans-premium Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <script[^>]*src="[^"]*browser\.sentry\-cdn\.com/([0-9.]+)/bundle(?:\.tracing)?(?:\.min)?\.js
  • browser\.sentry\-cdn\.com/([0-9.]+)/bundle(?:\.tracing)?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

18
Requests

100 %
HTTPS

90 %
IPv6

7
Domains

10
Subdomains

10
IPs

2
Countries

459 kB
Transfer

901 kB
Size

6
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://skidrowreloaded.pro/ofans.html Page URL
  2. https://gaming-tricks.xyz/games/onlyfans-premium Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

18 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
ofans.html
skidrowreloaded.pro/ 		90 B
653 B 		Document
General
Check archive.org
Download Go to
Full URL
https://skidrowreloaded.pro/ofans.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::6815:5368 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
7e531fd478fd4d59-FRA
content-encoding
br
content-type
text/html
date
Tue, 11 Jul 2023 18:31:36 GMT
last-modified
Sun, 07 May 2023 18:42:50 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Yk9GUM2n3EU9WodwSYITDYhacNuMTE%2FY3V0Jv0TbwmOaUS0iaOPJdj%2BURRuzSSJEvLRvsyEdNJuViE1ubxobcTUdBV5QDNxOUz0bMwvdJk3XF5vmwVaq5RP9b2i%2Fdq3KmM1QK6IynbmLzXm9JTkyhfRU"}],"group":"cf-nel","max_age":604800}
server
cloudflare
x-content-type-options
nosniff
x-nginx-upstream-cache-status
EXPIRED
x-server-powered-by
Engintron
x-xss-protection
1; mode=block
Primary Request onlyfans-premium
gaming-tricks.xyz/games/ 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gaming-tricks.xyz/games/onlyfans-premium
Requested by
Host: skidrowreloaded.pro
URL: https://skidrowreloaded.pro/ofans.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.3.33
Resource Hash
bb0e6dfde3b5d08401447b472e543d2d2c75ca2c0ebe8cd7b740db5c7596eb07
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://skidrowreloaded.pro/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
7e531fd5ccbe3a94-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Tue, 11 Jul 2023 18:31:36 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QthUXUdnbPfTUTYhlGJz84171mQwJI9iItoWqH9nUOkcXizM4G9fB53MIPVZIY4IX64P%2BAC6bhBxFj79yauZZ1vcli1QsefwD%2Fst8eZJGaXfa71miKc3CesWXN2%2BGv%2BCnw2DS0i%2FrsRbaD%2Bs%2B5620Q%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-content-type-options
nosniff
x-nginx-upstream-cache-status
EXPIRED
x-powered-by
PHP/7.3.33
x-server-powered-by
Engintron
x-xss-protection
1; mode=block
bundle.min.js
browser.sentry-cdn.com/6.4.1/ 		66 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://browser.sentry-cdn.com/6.4.1/bundle.min.js
Requested by
Host: gaming-tricks.xyz
URL: https://gaming-tricks.xyz/games/onlyfans-premium
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42::729 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
22ece4ddd583540c08ccadf82d18658e2ed0eba5dd7fdca806aa259667edba56
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
Origin
https://gaming-tricks.xyz
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 11 Jul 2023 18:31:37 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Wed, 19 May 2021 16:36:38 GMT
server
Fastly
age
7305802
etag
"42639cce5db857005b8285dedd67553d"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
20972
expires
Wed, 17 Apr 2024 05:08:15 GMT
16203424005d99bb351db96663f961e4062dc0c609.png
d266key948fg17.cloudfront.net/uploads/ 		184 KB
185 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d266key948fg17.cloudfront.net/uploads/16203424005d99bb351db96663f961e4062dc0c609.png
Requested by
Host: gaming-tricks.xyz
URL: https://gaming-tricks.xyz/games/onlyfans-premium
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:bc00:18:af29:bac0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
806211bcbafc8dd353192a98edb3e707d4c8b798418ddae5cf80dfd51c0b61f2

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-amz-version-id
LGgnFQO7ycAA9LzUlw4DjKtlkMpw.5y0
date
Tue, 11 Jul 2023 18:31:38 GMT
via
1.1 e976f829f2d1c4787d42d0595ae7cf74.cloudfront.net (CloudFront)
last-modified
Thu, 06 May 2021 23:06:41 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C1
etag
"236745d386fad043539c656e7654aa31"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
188669
x-amz-cf-id
oVude0o9UtDPW0nzDiLaYArKNTpwRtSqbzJLGoRtUiyfxI5Ht5yd3g==
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/2.2.4/ 		84 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/2.2.4/jquery.min.js
Requested by
Host: gaming-tricks.xyz
URL: https://gaming-tricks.xyz/games/onlyfans-premium
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 11 Jul 2023 02:16:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
58530
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30028
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 10 Jul 2024 02:16:07 GMT
eaa2416.js
d1xv7hxes9rviq.cloudfront.net/ 		24 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d1xv7hxes9rviq.cloudfront.net/eaa2416.js
Requested by
Host: gaming-tricks.xyz
URL: https://gaming-tricks.xyz/games/onlyfans-premium
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2490:8200:18:1ea4:5480:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7cbce275a31a0b2113cb9469ddb1fe41b820be2ba9eb221f618d4cf92c0cafd4

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 11 Jul 2023 18:30:51 GMT
content-encoding
gzip
via
1.1 6b85d8725dd6471c3db1f65d4096afc4.cloudfront.net (CloudFront)
last-modified
Tue, 27 Jun 2023 13:23:05 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P6
age
55
etag
W/"07ace30cbd77eb9d6e74843abfd10980"
vary
Accept-Encoding
x-cache
Error from cloudfront
content-type
application/javascript
x-amz-cf-id
Cz9bg3ghpz76ys5CMhgCD3Xn1pyVvD-q7lwuKR7eZ9NJsZUdfR1KAQ==
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: gaming-tricks.xyz
URL: https://gaming-tricks.xyz/games/onlyfans-premium
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.142 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 11 Jul 2023 17:04:37 GMT
last-modified
Mon, 12 Jun 2023 18:23:07 GMT
server
Golfe2
age
5220
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Tue, 11 Jul 2023 19:04:37 GMT
162034276568f6793188c75c36e40d363de213c882.png
d266key948fg17.cloudfront.net/uploads/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d266key948fg17.cloudfront.net/uploads/162034276568f6793188c75c36e40d363de213c882.png
Requested by
Host: gaming-tricks.xyz
URL: https://gaming-tricks.xyz/games/onlyfans-premium
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:bc00:18:af29:bac0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9b4eae0036410ac1d2db35ac898575c6173d38e13ab9ccc9a48a990d4c4215f6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gaming-tricks.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-amz-version-id
Wrpq1u1saLv6GJlAH5.xlW3eySHHX5lZ
date
Tue, 11 Jul 2023 18:31:38 GMT
via
1.1 e976f829f2d1c4787d42d0595ae7cf74.cloudfront.net (CloudFront)
last-modified
Thu, 06 May 2021 23:12:46 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C1
etag
"30c445319b8265c19b779484169e3a23"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
3517
x-amz-cf-id
yRdDVO36BQWzHrUyyB_2jSwJhkOahfB6TllKDbAMie9J_ZPD3mxuvg==
collect
www.google-analytics.com/j/ 		15 B
223 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=2140165713&t=pageview&_s=1&dl=https%3A%2F%2Fgaming-tricks.xyz%2Fgames%2Fonlyfans-premium&dr=https%3A%2F%2Fskidrowreloaded.pro%2F&ul=en-us&de=UTF-8&dt=OnlyFans%20Premium%20Membership&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAACAAI~&jid=675966803&gjid=1606097424&cid=576520831.1689100298&tid=UA-244897473-1&_gid=1960411827.1689100298&_r=1&_slc=1&z=1124437683
Requested by
Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/6.4.1/bundle.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.142 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
99257468073a652af3801bd0621fdc32ba49f3a332f1cc29b3bc0ec73fbe36d4
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 11 Jul 2023 18:31:37 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://gaming-tricks.xyz
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15
expires
Fri, 01 Jan 1990 00:00:00 GMT
js
www.googletagmanager.com/gtag/ 		219 KB
78 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-VGZ0TCBMY2&cx=c&_slc=1
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
c273ed357071b7b39cbb95fe53bec365f943482edd21895120304af8baebb155
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 11 Jul 2023 18:31:37 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
79713
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 11 Jul 2023 18:31:37 GMT
html.3118870.f32ba.0.js
d1ph51qsmnjpvt.cloudfront.net/public/external/v2/ 		18 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d1ph51qsmnjpvt.cloudfront.net/public/external/v2/html.3118870.f32ba.0.js
Requested by
Host: d1xv7hxes9rviq.cloudfront.net
URL: https://d1xv7hxes9rviq.cloudfront.net/eaa2416.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:2600:17:58b6:3240:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache/2.4.51 () OpenSSL/1.0.2k-fips PHP/7.4.11 / PHP/7.4.11
Resource Hash
279980c57e28ab6ae928a2a305a16e74b867041cd85777b0acd331ffc1ab1a46

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 11 Jul 2023 18:31:38 GMT
via
1.1 c5c25772c7f14e267596e0f8ce51d9bc.cloudfront.net (CloudFront)
server
Apache/2.4.51 () OpenSSL/1.0.2k-fips PHP/7.4.11
x-amz-cf-pop
FRA53-C1
x-powered-by
PHP/7.4.11
x-cache
Miss from cloudfront
content-type
application/javascript
x-amz-cf-id
FSFObT-OwfCG3sSri8xSsoI9b6FPZEuwW4id0M02OnjaUwDwD4xBHA==
css_front.css
d1ph51qsmnjpvt.cloudfront.net/public/external/ 		6 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://d1ph51qsmnjpvt.cloudfront.net/public/external/css_front.css
Requested by
Host: d1xv7hxes9rviq.cloudfront.net
URL: https://d1xv7hxes9rviq.cloudfront.net/eaa2416.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:2600:17:58b6:3240:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache/2.4.51 () OpenSSL/1.0.2k-fips PHP/7.4.11 /
Resource Hash
a7bd79b6fba60944ee3a9c153108ff0819d2db57850116ac7065a86db08af4ec

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 11 Jul 2023 18:31:38 GMT
via
1.1 c5c25772c7f14e267596e0f8ce51d9bc.cloudfront.net (CloudFront)
last-modified
Tue, 23 Jun 2020 20:06:47 GMT
server
Apache/2.4.51 () OpenSSL/1.0.2k-fips PHP/7.4.11
x-amz-cf-pop
FRA53-C1
etag
"19c4-5a8c5e62e9d0a"
x-cache
Miss from cloudfront
content-type
text/css
accept-ranges
bytes
content-length
6596
x-amz-cf-id
wIH56OqC7DGw_MQjTh_yNy0IYSwzymfc_R80e5hE0GAKV7aY9_0Ymw==
collect
www.google-analytics.com/j/ 		15 B
80 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=2140165713&t=pageView&_s=1&dl=https%3A%2F%2Fgaming-tricks.xyz%2Fgames%2Fonlyfans-premium&dr=https%3A%2F%2Fskidrowreloaded.pro%2F&ul=en-us&de=UTF-8&dt=OnlyFans%20Premium%20Membership&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aEDAAEABAAAAACAAI~&jid=2116160203&gjid=1424894879&cid=576520831.1689100298&tid=UA-85922709-2&_gid=1960411827.1689100298&_r=1&_slc=1&cd1=0&z=84163752
Requested by
Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/6.4.1/bundle.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.142 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
2dfd50d663d9053459348c51f92aeb5e35da564a35be518705f81445b93816e1
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 11 Jul 2023 18:31:37 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://gaming-tricks.xyz
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15
expires
Fri, 01 Jan 1990 00:00:00 GMT
js
www.googletagmanager.com/gtag/ 		229 KB
80 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-EL9WPX8S0Z&cx=c&_slc=1
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
96a406ef0543bc3fbfc548b3acf6b77dab4645924f49676a0b9670e49d9996ef
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 11 Jul 2023 18:31:38 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
82023
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 11 Jul 2023 18:31:38 GMT
collect
region1.google-analytics.com/g/ 		0
256 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-VGZ0TCBMY2&gtm=45je37a0&_p=2140165713&ul=en-us&sr=1600x1200&cid=576520831.1689100298&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=ABA&ngs=1&_s=1&dl=https%3A%2F%2Fgaming-tricks.xyz%2Fgames%2Fonlyfans-premium&dr=https%3A%2F%2Fskidrowreloaded.pro%2F&dt=OnlyFans%20Premium%20Membership&sid=1689100298&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-VGZ0TCBMY2&cx=c&_slc=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 11 Jul 2023 18:31:38 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://gaming-tricks.xyz
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
css.css
d1ph51qsmnjpvt.cloudfront.net/public/clockers/CustomButton/ 		1010 B
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://d1ph51qsmnjpvt.cloudfront.net/public/clockers/CustomButton/css.css
Requested by
Host: d1xv7hxes9rviq.cloudfront.net
URL: https://d1xv7hxes9rviq.cloudfront.net/eaa2416.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:2600:17:58b6:3240:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache/2.4.46 () OpenSSL/1.0.2k-fips PHP/7.4.11 /
Resource Hash
a7081a117335212b9e7f2e348f7369a64423d51db1666310b3451e7375f0b7de

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 11 Jul 2023 18:31:38 GMT
via
1.1 c5c25772c7f14e267596e0f8ce51d9bc.cloudfront.net (CloudFront)
last-modified
Fri, 10 Apr 2020 22:29:00 GMT
server
Apache/2.4.46 () OpenSSL/1.0.2k-fips PHP/7.4.11
x-amz-cf-pop
FRA53-C1
etag
"3f2-5a2f7428ae907"
x-cache
Miss from cloudfront
content-type
text/css
accept-ranges
bytes
content-length
1010
x-amz-cf-id
oDSxWN70avWomc5BHawHXIJLJ445PTZT9YS8ijpaX7LmBvc9QwUDsg==
guid
d1ph51qsmnjpvt.cloudfront.net/public/ 		0
277 B 		Script
General
Check archive.org
Download Go to
Full URL
https://d1ph51qsmnjpvt.cloudfront.net/public/guid?cpguid=ohzravyjc&e=ll&t=1689100298953
Requested by
Host: d1xv7hxes9rviq.cloudfront.net
URL: https://d1xv7hxes9rviq.cloudfront.net/eaa2416.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:2600:17:58b6:3240:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache/2.4.51 () OpenSSL/1.0.2k-fips PHP/7.4.11 / PHP/7.4.11
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 11 Jul 2023 18:31:39 GMT
via
1.1 c5c25772c7f14e267596e0f8ce51d9bc.cloudfront.net (CloudFront)
server
Apache/2.4.51 () OpenSSL/1.0.2k-fips PHP/7.4.11
x-amz-cf-pop
FRA53-C1
x-powered-by
PHP/7.4.11
x-cache
Miss from cloudfront
content-type
text/html; charset=UTF-8
content-length
0
x-amz-cf-id
o7f7uhruMVAh7EVjjjcXEgq5TuwCPmLuWrx3D3j78MrPui0QYzdmzA==
check.php
d1ph51qsmnjpvt.cloudfront.net/public/external/ 		78 B
373 B 		Script
General
Check archive.org
Download Go to
Full URL
https://d1ph51qsmnjpvt.cloudfront.net/public/external/check.php?it=3118870&time=1689100300324
Requested by
Host: d1xv7hxes9rviq.cloudfront.net
URL: https://d1xv7hxes9rviq.cloudfront.net/eaa2416.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:2600:17:58b6:3240:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache/2.4.51 () OpenSSL/1.0.2k-fips PHP/7.4.11 / PHP/7.4.11
Resource Hash
9ef4a63fc5e0a14a7301d693d65d6acfc44cdf14853c4a20890198f2d5e52e3b

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 11 Jul 2023 18:31:40 GMT
via
1.1 c5c25772c7f14e267596e0f8ce51d9bc.cloudfront.net (CloudFront)
server
Apache/2.4.51 () OpenSSL/1.0.2k-fips PHP/7.4.11
x-amz-cf-pop
FRA53-C1
x-powered-by
PHP/7.4.11
x-cache
Miss from cloudfront
content-type
application/javascript
content-length
78
x-amz-cf-id
nMkpd6yHVbAsQEyrDk8WH7z1yTO9jmQYKizN9buvtM6D0CJzKFjbAQ==

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Generic Scam (Online)

36 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 boolean| credentialless object| onbeforetoggle object| onscrollend object| Sentry object| __SENTRY__ string| GoogleAnalyticsObject function| ga function| $ function| jQuery object| CPABUILDSETTINGS string| forward object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| dataLayer object| CPABUILDContentLocker number| __cfRLUnblockHandlers function| CPBContentLocker function| CPABuildLock function| CPABuildGetFeedURL function| CPABuildGetIframeURL function| CPABuildGetIframeHTML function| CPABuildUnlock function| CPABuildOfferComplete function| CPABuildOffersComplete function| CPABuildCheckForLead function| og_load function| CPABuildComplete function| call_locker function| move function| verify number| randomnumber function| randomuser object| google_tag_manager

6 Cookies

Domain/Path Name / Value
.gaming-tricks.xyz/ Name: _ga
Value: GA1.2.576520831.1689100298
.gaming-tricks.xyz/ Name: _gid
Value: GA1.2.1960411827.1689100298
.gaming-tricks.xyz/ Name: _gat
Value: 1
gaming-tricks.xyz/ Name: _cpguid
Value: ohzravyjc
.gaming-tricks.xyz/ Name: _gat_customTemplateGlobal
Value: 1
.gaming-tricks.xyz/ Name: _ga_VGZ0TCBMY2
Value: GS1.2.1689100298.1.0.1689100298.0.0.0

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
browser.sentry-cdn.com
d1ph51qsmnjpvt.cloudfront.net
d1xv7hxes9rviq.cloudfront.net
d266key948fg17.cloudfront.net
gaming-tricks.xyz
region1.google-analytics.com
skidrowreloaded.pro
www.google-analytics.com
www.googletagmanager.com
172.217.16.142
2001:4860:4802:32::36
2600:9000:20eb:bc00:18:af29:bac0:21
2600:9000:214f:2600:17:58b6:3240:21
2600:9000:2490:8200:18:1ea4:5480:21
2606:4700:3033::6815:5368
2a00:1450:4001:827::200a
2a00:1450:4001:82f::2008
2a04:4e42::729
2a06:98c1:3120::3
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e
22ece4ddd583540c08ccadf82d18658e2ed0eba5dd7fdca806aa259667edba56
279980c57e28ab6ae928a2a305a16e74b867041cd85777b0acd331ffc1ab1a46
2dfd50d663d9053459348c51f92aeb5e35da564a35be518705f81445b93816e1
7cbce275a31a0b2113cb9469ddb1fe41b820be2ba9eb221f618d4cf92c0cafd4
806211bcbafc8dd353192a98edb3e707d4c8b798418ddae5cf80dfd51c0b61f2
96a406ef0543bc3fbfc548b3acf6b77dab4645924f49676a0b9670e49d9996ef
99257468073a652af3801bd0621fdc32ba49f3a332f1cc29b3bc0ec73fbe36d4
9b4eae0036410ac1d2db35ac898575c6173d38e13ab9ccc9a48a990d4c4215f6
9ef4a63fc5e0a14a7301d693d65d6acfc44cdf14853c4a20890198f2d5e52e3b
a7081a117335212b9e7f2e348f7369a64423d51db1666310b3451e7375f0b7de
a7bd79b6fba60944ee3a9c153108ff0819d2db57850116ac7065a86db08af4ec
bb0e6dfde3b5d08401447b472e543d2d2c75ca2c0ebe8cd7b740db5c7596eb07
c273ed357071b7b39cbb95fe53bec365f943482edd21895120304af8baebb155
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855