jagex-game.ru
Open in
urlscan Pro
93.158.239.22
Malicious Activity!
Public Scan
Submission Tags: 6717733
Submission: On August 04 via api from NL
Summary
TLS certificate: Issued by Let's Encrypt Authority X3 on July 1st 2020. Valid for: 3 months.
This is the only time jagex-game.ru was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Runescape (Online)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
14 | 93.158.239.22 93.158.239.22 | 60503 (FNXTEC) (FNXTEC) | |
1 | 151.101.112.157 151.101.112.157 | 54113 (FASTLY) (FASTLY) | |
2 | 2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3 | 32934 (FACEBOOK) (FACEBOOK) | |
1 | 104.244.42.69 104.244.42.69 | 13414 (TWITTER) (TWITTER) | |
2 | 2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de | 32934 (FACEBOOK) (FACEBOOK) | |
2 | 2606:4700::68... 2606:4700::6810:84e5 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
1 | 104.244.42.195 104.244.42.195 | 13414 (TWITTER) (TWITTER) | |
23 | 8 |
ASN60503 (FNXTEC, NL)
PTR: protected.hyperfilter.com
jagex-game.ru | |
xtremefish.rs |
Apex Domain Subdomains |
Transfer | |
---|---|---|
13 |
jagex-game.ru
jagex-game.ru |
247 KB |
2 |
cloudflare.com
cdnjs.cloudflare.com |
4 KB |
2 |
facebook.com
www.facebook.com |
523 B |
2 |
facebook.net
connect.facebook.net |
166 KB |
1 |
twitter.com
analytics.twitter.com |
652 B |
1 |
t.co
t.co |
449 B |
1 |
xtremefish.rs
xtremefish.rs |
25 KB |
1 |
ads-twitter.com
static.ads-twitter.com |
2 KB |
23 | 8 |
Domain | Requested by | |
---|---|---|
13 | jagex-game.ru |
jagex-game.ru
|
2 | cdnjs.cloudflare.com |
jagex-game.ru
|
2 | www.facebook.com |
jagex-game.ru
|
2 | connect.facebook.net |
jagex-game.ru
connect.facebook.net |
1 | analytics.twitter.com |
static.ads-twitter.com
|
1 | t.co |
jagex-game.ru
|
1 | xtremefish.rs |
jagex-game.ru
|
1 | static.ads-twitter.com |
jagex-game.ru
|
23 | 8 |
This site contains links to these domains. Also see Links.
Domain |
---|
silktide.com |
oldschool.runescape.com |
secure.runescape.com-zx.ru |
www.jagex.com |
Subject Issuer | Validity | Valid | |
---|---|---|---|
jagex-game.ru Let's Encrypt Authority X3 |
2020-07-01 - 2020-09-29 |
3 months | crt.sh |
ads-twitter.com DigiCert SHA2 High Assurance Server CA |
2019-08-14 - 2020-08-18 |
a year | crt.sh |
*.facebook.com DigiCert SHA2 High Assurance Server CA |
2020-07-21 - 2020-10-12 |
3 months | crt.sh |
xtremefish.rs Let's Encrypt Authority X3 |
2020-07-28 - 2020-10-26 |
3 months | crt.sh |
t.co DigiCert SHA2 High Assurance Server CA |
2020-02-18 - 2021-02-06 |
a year | crt.sh |
cloudflare.com Cloudflare Inc ECC CA-3 |
2020-07-04 - 2021-07-04 |
a year | crt.sh |
*.twitter.com DigiCert SHA2 High Assurance Server CA |
2020-03-05 - 2021-03-02 |
a year | crt.sh |
This page contains 3 frames:
Primary Page:
https://jagex-game.ru/m=landing/old-school-runescape1,3,8,1,184
Frame ID: 76581D02467EB4E3A5287047ED19748D
Requests: 23 HTTP requests in this frame
Frame:
https://jagex-game.ru/index_files/activityi.html
Frame ID: 34A790066D0C587A1CCA1758BDCA4676
Requests: 1 HTTP requests in this frame
Frame:
https://jagex-game.ru/index_files/activityi(1).html
Frame ID: 57A3300170889F919290F249C832DC47
Requests: 1 HTTP requests in this frame
Screenshot
Detected technologies
Bloomreach (CMS) ExpandDetected patterns
- html /<[^>]+\/binaries\/(?:[^/]+\/)*content\/gallery\//i
Nginx (Web Servers) Expand
Detected patterns
- headers server /nginx(?:\/([\d.]+))?/i
Facebook (Widgets) Expand
Detected patterns
- script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i
Page Statistics
8 Outgoing links
These are links going to different origins than the main page.
Title: Cookie Consent plugin for the EU cookie law
Search URL Search Domain Scan URL
Title:
Search URL Search Domain Scan URL
Title: Go To Forum Post Here
Search URL Search Domain Scan URL
Title:
Search URL Search Domain Scan URL
Title: Contact Us
Search URL Search Domain Scan URL
Title: Terms & Conditions
Search URL Search Domain Scan URL
Title: Privacy Policy
Search URL Search Domain Scan URL
Title: Cookie Policy
Search URL Search Domain Scan URL
Redirected requests
There were HTTP redirect chains for the following requests:
23 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
Primary Request
Cookie set
old-school-runescape1,3,8,1,184
jagex-game.ru/m=landing/ |
13 KB 4 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
vendor.css
jagex-game.ru//index_files/ |
84 KB 16 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
site.css
jagex-game.ru//index_files/ |
218 KB 79 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
ec.js.download
jagex-game.ru/index_files/ |
3 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
uwt.js
static.ads-twitter.com/ |
5 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
fbevents.js
connect.facebook.net/en_US/ |
134 KB 34 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
analytics.js.download
jagex-game.ru/index_files/ |
35 KB 15 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
oldschool.png
jagex-game.ru/index_files/ |
29 KB 29 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
jagex.svg
jagex-game.ru/index_files/ |
4 KB 2 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
vendor.js.download
jagex-game.ru/index_files/ |
328 KB 97 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
site.js.download
jagex-game.ru/index_files/ |
10 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
activityi.html
jagex-game.ru/index_files/ Frame 34A7 |
518 B 738 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
activityi(1).html
jagex-game.ru/index_files/ Frame 57A3 |
516 B 736 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
15926231212523
xtremefish.rs/images/OSRS/ |
24 KB 25 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
parchment.jpg
jagex-game.ru//img/backgrounds/ |
234 B 234 B |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
25 KB 25 KB |
Font
application/x-font-woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
MuseoSans-700.woff
jagex-game.ru//fonts/MuseoSans/ |
0 0 |
Font
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
59 KB 59 KB |
Font
application/x-font-woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
733580816662332
connect.facebook.net/signals/config/ |
522 KB 132 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
adsct
t.co/i/ |
43 B 449 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
www.facebook.com/tr/ |
44 B 377 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
light-floating.css
cdnjs.cloudflare.com/ajax/libs/cookieconsent2/1.0.10/ |
3 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
adsct
analytics.twitter.com/i/ |
31 B 652 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
logo.png
cdnjs.cloudflare.com/ajax/libs/cookieconsent2/1.0.10/ |
3 KB 3 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
www.facebook.com/tr/ |
44 B 146 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Runescape (Online)20 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| twttr object| gaplugins function| ga object| CM object| OS function| $ function| jQuery object| Modernizr boolean| hasCookieConsent function| FastClick object| whatInput object| Foundation function| _ function| Cookies string| gtmSite undefined| dataLayer function| fbq function| _fbq function| twq function| update_cookieconsent_options2 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.jagex-game.ru/ | Name: _fbp Value: fb.1.1596526291715.1615172838 |
|
jagex-game.ru/ | Name: PHPSESSID Value: 4o8hmn2gs5ok80iq2cv2vsvnh6 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
analytics.twitter.com
cdnjs.cloudflare.com
connect.facebook.net
jagex-game.ru
static.ads-twitter.com
t.co
www.facebook.com
xtremefish.rs
104.244.42.195
104.244.42.69
151.101.112.157
2606:4700::6810:84e5
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
93.158.239.22
058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
20cf101dff70c2725e781f43aa124036a2c3ca1fb91ce87d3bbb46ec46fd150b
319949c8c08b86e9c35ea542c0dc0c30cedaa9b8d3d3c3327a36c91aefbd8af5
480f0c53edc1e4dfa14bc1479b8a298ecb4f4c5a92ba2917a3612eb8b242d13d
48b3933ffd462d85cfc5f8a75950e73a9f1d010c0e4e28d15e792b99704bf999
4f9e63a97892298c93d51daa434bffbdb95f40c2df682fa887a3580bbaa74d2b
53fb5127c07d246935dabc5049e6b02af82f1c0fe3bdb156b43c7da38bdbfe9d
61ba66d05047f667762f73f87a838ef5723036fdbc11a31cc3d55399b4105709
6865695148fa8984d5d3d639003a358bf01f2b89934b861d35d72fad4f341646
7750d672ae2973a7f32832040cae87f1d6b687cbd268fd4000c906bc761328c9
8564fa31dd1eddba77e82245c91b29444c91573af946d1409cda518d54975b41
8cd2a03366f690f12a071f29900d45c36f8770b7c2ec28ea1a77759f9b58309a
9dae62151120e18b465ffc5c8e9e342ecc28a6efe1a0d71c9766d677a5ddc389
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
b69449d757ded738b9c2d5f7ea007db0ee56df5f2d12aaac6390125543845738
dc25e029a0bfa1375eccdaa381b3326845f947b07e1ecf1eb2daec2f0b1dce0a
df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf
f3eb8d586a710fd04797363692acb5593196681b589f8491a43be0fc68000474
f630c6ea4e44c35a93c0ee2950e68857311d9500d6025abe4a5db3ecaf270e3c
f8ef655ef916e39713ede9c6db56d7ca5618bd82cf5ac991dcd013f05e0fdfc7
f944c3e2727d12ebe1ff1c65d550778395fced7acbd22f07655e86d1fa393e57
ff8907629037178202f696a9e569711de5675cb8c52ee035b3365283bd11f580