![](/screenshots/68701d89-f830-404f-9465-32cf509d8bbe.png)
gaming-tricks.xyz
Open in
urlscan Pro
2a06:98c1:3120::3
Malicious Activity!
Public Scan
Effective URL: https://gaming-tricks.xyz/games/onlyfans-premium
Submission Tags: falconsandbox
Submission: On July 11 via api from US — Scanned from DE
Summary
TLS certificate: Issued by GTS CA 1P5 on May 24th 2023. Valid for: 3 months.
This is the only time gaming-tricks.xyz was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Generic Scam (Online)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 | 2606:4700:303... 2606:4700:3033::6815:5368 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
1 | 2a06:98c1:312... 2a06:98c1:3120::3 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
1 | 2a04:4e42::729 2a04:4e42::729 | 54113 (FASTLY) (FASTLY) | |
2 | 2600:9000:20e... 2600:9000:20eb:bc00:18:af29:bac0:21 | 16509 (AMAZON-02) (AMAZON-02) | |
1 | 2a00:1450:400... 2a00:1450:4001:827::200a | 15169 (GOOGLE) (GOOGLE) | |
1 | 2600:9000:249... 2600:9000:2490:8200:18:1ea4:5480:21 | 16509 (AMAZON-02) (AMAZON-02) | |
3 | 172.217.16.142 172.217.16.142 | 15169 (GOOGLE) (GOOGLE) | |
2 | 2a00:1450:400... 2a00:1450:4001:82f::2008 | 15169 (GOOGLE) (GOOGLE) | |
5 | 2600:9000:214... 2600:9000:214f:2600:17:58b6:3240:21 | 16509 (AMAZON-02) (AMAZON-02) | |
1 | 2001:4860:480... 2001:4860:4802:32::36 | 15169 (GOOGLE) (GOOGLE) | |
18 | 10 |
ASN16509 (AMAZON-02, US)
d266key948fg17.cloudfront.net |
ASN16509 (AMAZON-02, US)
d1xv7hxes9rviq.cloudfront.net |
ASN15169 (GOOGLE, US)
PTR: fra15s46-in-f14.1e100.net
www.google-analytics.com |
ASN15169 (GOOGLE, US)
www.googletagmanager.com |
ASN16509 (AMAZON-02, US)
d1ph51qsmnjpvt.cloudfront.net |
Apex Domain Subdomains |
Transfer | |
---|---|---|
8 |
cloudfront.net
d266key948fg17.cloudfront.net d1xv7hxes9rviq.cloudfront.net d1ph51qsmnjpvt.cloudfront.net |
223 KB |
4 |
google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 63 region1.google-analytics.com — Cisco Umbrella Rank: 1623 |
21 KB |
2 |
googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 79 |
158 KB |
1 |
googleapis.com
ajax.googleapis.com — Cisco Umbrella Rank: 433 |
30 KB |
1 |
sentry-cdn.com
browser.sentry-cdn.com — Cisco Umbrella Rank: 4934 |
21 KB |
1 |
gaming-tricks.xyz
gaming-tricks.xyz |
5 KB |
1 |
skidrowreloaded.pro
skidrowreloaded.pro |
653 B |
18 | 7 |
Domain | Requested by | |
---|---|---|
5 | d1ph51qsmnjpvt.cloudfront.net |
d1xv7hxes9rviq.cloudfront.net
|
3 | www.google-analytics.com |
gaming-tricks.xyz
browser.sentry-cdn.com |
2 | www.googletagmanager.com |
www.google-analytics.com
|
2 | d266key948fg17.cloudfront.net |
gaming-tricks.xyz
|
1 | region1.google-analytics.com |
www.googletagmanager.com
|
1 | d1xv7hxes9rviq.cloudfront.net |
gaming-tricks.xyz
|
1 | ajax.googleapis.com |
gaming-tricks.xyz
|
1 | browser.sentry-cdn.com |
gaming-tricks.xyz
|
1 | gaming-tricks.xyz |
skidrowreloaded.pro
|
1 | skidrowreloaded.pro | |
18 | 10 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
skidrowreloaded.pro GTS CA 1P5 |
2023-07-05 - 2023-10-03 |
3 months | crt.sh |
gaming-tricks.xyz GTS CA 1P5 |
2023-05-24 - 2023-08-22 |
3 months | crt.sh |
*.sentry-cdn.com GlobalSign Atlas R3 DV TLS CA 2022 Q3 |
2022-09-28 - 2023-10-30 |
a year | crt.sh |
*.cloudfront.net Amazon RSA 2048 M01 |
2022-12-08 - 2023-12-07 |
a year | crt.sh |
upload.video.google.com GTS CA 1C3 |
2023-06-19 - 2023-09-11 |
3 months | crt.sh |
*.google-analytics.com GTS CA 1C3 |
2023-06-19 - 2023-09-11 |
3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://gaming-tricks.xyz/games/onlyfans-premium
Frame ID: 367FC948A6D8902E3308F4074FB7F9B7
Requests: 18 HTTP requests in this frame
Screenshot
![](/screenshots/68701d89-f830-404f-9465-32cf509d8bbe.png)
Page Title
OnlyFans Premium MembershipPage URL History Show full URLs
- https://skidrowreloaded.pro/ofans.html Page URL
- https://gaming-tricks.xyz/games/onlyfans-premium Page URL
Detected technologies
Detected patterns
- <script[^>]*src="[^"]*browser\.sentry\-cdn\.com/([0-9.]+)/bundle(?:\.tracing)?(?:\.min)?\.js
- browser\.sentry\-cdn\.com/([0-9.]+)/bundle(?:\.tracing)?(?:\.min)?\.js
Detected patterns
- google-analytics\.com/(?:ga|urchin|analytics)\.js
![](/vendor/wappa/icons/Google Tag Manager.png)
Detected patterns
- googletagmanager\.com/gtag/js
Detected patterns
- /([\d.]+)/jquery(?:\.min)?\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- https://skidrowreloaded.pro/ofans.html Page URL
- https://gaming-tricks.xyz/games/onlyfans-premium Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
18 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
ofans.html
skidrowreloaded.pro/ |
90 B 653 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Primary Request
onlyfans-premium
gaming-tricks.xyz/games/ |
13 KB 5 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bundle.min.js
browser.sentry-cdn.com/6.4.1/ |
66 KB 21 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
16203424005d99bb351db96663f961e4062dc0c609.png
d266key948fg17.cloudfront.net/uploads/ |
184 KB 185 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/2.2.4/ |
84 KB 30 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
eaa2416.js
d1xv7hxes9rviq.cloudfront.net/ |
24 KB 7 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
analytics.js
www.google-analytics.com/ |
52 KB 21 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
162034276568f6793188c75c36e40d363de213c882.png
d266key948fg17.cloudfront.net/uploads/ |
3 KB 4 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
collect
www.google-analytics.com/j/ |
15 B 223 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
js
www.googletagmanager.com/gtag/ |
219 KB 78 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
html.3118870.f32ba.0.js
d1ph51qsmnjpvt.cloudfront.net/public/external/v2/ |
18 KB 18 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css_front.css
d1ph51qsmnjpvt.cloudfront.net/public/external/ |
6 KB 7 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
collect
www.google-analytics.com/j/ |
15 B 80 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
js
www.googletagmanager.com/gtag/ |
229 KB 80 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
collect
region1.google-analytics.com/g/ |
0 256 B |
Ping
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css.css
d1ph51qsmnjpvt.cloudfront.net/public/clockers/CustomButton/ |
1010 B 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
guid
d1ph51qsmnjpvt.cloudfront.net/public/ |
0 277 B |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
check.php
d1ph51qsmnjpvt.cloudfront.net/public/external/ |
78 B 373 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Generic Scam (Online)36 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 boolean| credentialless object| onbeforetoggle object| onscrollend object| Sentry object| __SENTRY__ string| GoogleAnalyticsObject function| ga function| $ function| jQuery object| CPABUILDSETTINGS string| forward object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| dataLayer object| CPABUILDContentLocker number| __cfRLUnblockHandlers function| CPBContentLocker function| CPABuildLock function| CPABuildGetFeedURL function| CPABuildGetIframeURL function| CPABuildGetIframeHTML function| CPABuildUnlock function| CPABuildOfferComplete function| CPABuildOffersComplete function| CPABuildCheckForLead function| og_load function| CPABuildComplete function| call_locker function| move function| verify number| randomnumber function| randomuser object| google_tag_manager6 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.gaming-tricks.xyz/ | Name: _ga Value: GA1.2.576520831.1689100298 |
|
.gaming-tricks.xyz/ | Name: _gid Value: GA1.2.1960411827.1689100298 |
|
.gaming-tricks.xyz/ | Name: _gat Value: 1 |
|
gaming-tricks.xyz/ | Name: _cpguid Value: ohzravyjc |
|
.gaming-tricks.xyz/ | Name: _gat_customTemplateGlobal Value: 1 |
|
.gaming-tricks.xyz/ | Name: _ga_VGZ0TCBMY2 Value: GS1.2.1689100298.1.0.1689100298.0.0.0 |
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
X-Content-Type-Options | nosniff |
X-Xss-Protection | 1; mode=block |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
ajax.googleapis.com
browser.sentry-cdn.com
d1ph51qsmnjpvt.cloudfront.net
d1xv7hxes9rviq.cloudfront.net
d266key948fg17.cloudfront.net
gaming-tricks.xyz
region1.google-analytics.com
skidrowreloaded.pro
www.google-analytics.com
www.googletagmanager.com
172.217.16.142
2001:4860:4802:32::36
2600:9000:20eb:bc00:18:af29:bac0:21
2600:9000:214f:2600:17:58b6:3240:21
2600:9000:2490:8200:18:1ea4:5480:21
2606:4700:3033::6815:5368
2a00:1450:4001:827::200a
2a00:1450:4001:82f::2008
2a04:4e42::729
2a06:98c1:3120::3
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e
22ece4ddd583540c08ccadf82d18658e2ed0eba5dd7fdca806aa259667edba56
279980c57e28ab6ae928a2a305a16e74b867041cd85777b0acd331ffc1ab1a46
2dfd50d663d9053459348c51f92aeb5e35da564a35be518705f81445b93816e1
7cbce275a31a0b2113cb9469ddb1fe41b820be2ba9eb221f618d4cf92c0cafd4
806211bcbafc8dd353192a98edb3e707d4c8b798418ddae5cf80dfd51c0b61f2
96a406ef0543bc3fbfc548b3acf6b77dab4645924f49676a0b9670e49d9996ef
99257468073a652af3801bd0621fdc32ba49f3a332f1cc29b3bc0ec73fbe36d4
9b4eae0036410ac1d2db35ac898575c6173d38e13ab9ccc9a48a990d4c4215f6
9ef4a63fc5e0a14a7301d693d65d6acfc44cdf14853c4a20890198f2d5e52e3b
a7081a117335212b9e7f2e348f7369a64423d51db1666310b3451e7375f0b7de
a7bd79b6fba60944ee3a9c153108ff0819d2db57850116ac7065a86db08af4ec
bb0e6dfde3b5d08401447b472e543d2d2c75ca2c0ebe8cd7b740db5c7596eb07
c273ed357071b7b39cbb95fe53bec365f943482edd21895120304af8baebb155
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855