valorant76.com Open in urlscan Pro
2a06:98c1:3121::3 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://valorant76.com/
Submission Tags: https://sinking.yachts sinking-yachts phishing Search All
Submission: On February 17 via api (February 17th 2024, 2:02:02 pm UTC) from CZ — Scanned from NL

Summary HTTP 15 Redirects Behaviour Indicators

Summary

This website contacted 5 IPs in 3 countries across 5 domains to perform 15 HTTP transactions. The main IP is 2a06:98c1:3121::3, located in United States and belongs to CLOUDFLARENET, US. The main domain is valorant76.com.
TLS certificate: Issued by E1 on February 17th 2024. Valid for: 3 months.

This is the only time valorant76.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Community Verdicts: Malicious — 1 votes Show Verdicts

Domain & IP information

	IP Address	AS Autonomous System
8	2a06:98c1:312... 2a06:98c1:3121::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700:303... 2606:4700:3035::6815:4d57	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:81c::200a	15169 (GOOGLE) (GOOGLE)
2	109.95.156.7 109.95.156.7	48896 (DHOSTING-...) (DHOSTING-AS Warsaw)
1	151.101.66.137 151.101.66.137	54113 (FASTLY) (FASTLY)
15	5

8 2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)

valorant76.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3035::6815:4d57 (United States)

ASN13335 (CLOUDFLARENET, US)

valorantgifts.top	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81c::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 109.95.156.7 (Poland)

ASN48896 (DHOSTING-AS Warsaw, Poland, PL)
PTR: web03-s213.ewh.eu1.dhosting.com

valorantinfo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.66.137 (United States)

ASN54113 (FASTLY, US)

images.contentstack.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
8	valorant76.com valorant76.com	287 KB
2	valorantinfo.com valorantinfo.com	30 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 48	5 KB
2	valorantgifts.top valorantgifts.top
1	contentstack.io images.contentstack.io — Cisco Umbrella Rank: 11957	2 KB
15	5

	Domain	Requested by
8	valorant76.com	valorant76.com
2	valorantinfo.com	valorant76.com
2	fonts.googleapis.com	valorant76.com
2	valorantgifts.top	valorant76.com
1	images.contentstack.io	valorant76.com
15	5

This site contains no links.

Subject Issuer	Validity	Valid
valorant76.com E1	`2024-02-17` - `2024-05-17`	3 months	crt.sh
valorantgifts.top E1	`2024-01-26` - `2024-04-25`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2024-01-29` - `2024-04-22`	3 months	crt.sh
valorantinfo.com R3	`2024-01-25` - `2024-04-24`	3 months	crt.sh
*.contentstack.io Gandi Standard SSL CA 2	`2023-04-05` - `2024-05-05`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://valorant76.com/
Frame ID: 8486B5476A13FBE9DDAC98A20DB44FF9
Requests: 15 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Valorant Bundle

Detected technologies

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

15
Requests

100 %
HTTPS

60 %
IPv6

5
Domains

5
Subdomains

5
IPs

3
Countries

323 kB
Transfer

432 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

15 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
valorant76.com/ 8 KB
3 KB 208ms
116ms Document
text/html 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://valorant76.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

17da2638785e6ca10fd7e95dd3edf323bb5d9cef94bba7f84e04f4c5d79ab8da

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 856e904e0ac59040-FRA
content-encoding: br
content-security-policy: upgrade-insecure-requests;
content-type: text/html; charset=utf-8
date: Sat, 17 Feb 2024 14:01:40 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rjPega8DbYKD3A%2Fz8YnDcZspr1OL6fSpqgPsAyKGSqX1cFgYs78YncQrhUk6bKVcNis9ujdK%2FPO7vy85aas9k0b%2FgmqRCt7CxHxhenQ34o1e9RgHlD6pWQpRYSwRR1t7lkMgLbGqlwmzK%2BekIg%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-powered-by: Express

GET
H2 404 main.css
valorant76.com/shabl1/ 0
0 117ms
116ms Stylesheet
application/json 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://valorant76.com/shabl1/main.css

Requested by

Host: valorant76.com
URL: https://valorant76.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://valorant76.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 14:01:41 GMT
strict-transport-security: max-age=31536000
content-encoding: br
content-security-policy: upgrade-insecure-requests;
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: Express
alt-svc: h3=":443"; ma=86400
server: cloudflare
etag: W/"4e-hBrxpAH1AZ13DjctO1G1OaHIsm0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XBsM7wQQKXWcwrQu5BjADgc3KLZcbwdXv9lWMMioX5NL7BrrW61GvmPwQqXdxgB0WIV9G9j92jbyoZHpV0ez%2BI3AjzPGyznjM1JPuqL4iVXcGRggeH3qOR9Fmgcnc0UCUMU9PlWtUzebJaxQgA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: *
ddg-cache-status: MISS
cache-control: max-age=14400
cf-ray: 856e904ecbeb9040-FRA

GET
H2 404 index.css
valorant76.com/shabl1/ 0
0 111ms
110ms Stylesheet
application/json 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://valorant76.com/shabl1/index.css

Requested by

Host: valorant76.com
URL: https://valorant76.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://valorant76.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 14:01:41 GMT
strict-transport-security: max-age=31536000
content-encoding: br
content-security-policy: upgrade-insecure-requests;
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: Express
alt-svc: h3=":443"; ma=86400
server: cloudflare
etag: W/"4f-dZoiaTYM8+7oPV55K5ij8s7fVcQ"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Yey2Khea9s0W1setDxP3BJZ3wkR8oB1bQLNG26R8XlzxfgRY5YkeVJx1zKWqc%2FSiuGcT7XN1GSOB82DH8%2Bnp1GIhS%2BZVVm5lcgwE1Vw0jzrd3PZy0VjR5PoqfwiVPvY%2FK%2F7Qytz6wPeLdqMeOA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: *
ddg-cache-status: MISS
cache-control: max-age=14400
cf-ray: 856e904ecbed9040-FRA

GET
H2 522 jquery-1.9.1.min.js
valorantgifts.top/static/js/main/ 0
0 15660ms
15308ms Script
text/html 2606:4700:3035::6815:4d57
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://valorantgifts.top/static/js/main/jquery-1.9.1.min.js
Requested by: Host: valorant76.com
URL: https://valorant76.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:4d57 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://valorant76.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

GET
H2 522 main.js
valorantgifts.top/static/js/main/ 0
0 15741ms
15389ms Script
text/html 2606:4700:3035::6815:4d57
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://valorantgifts.top/static/js/main/main.js
Requested by: Host: valorant76.com
URL: https://valorant76.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:4d57 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://valorant76.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

GET
H2 200 css
fonts.googleapis.com/ 91 KB
3 KB 83ms
38ms Stylesheet
text/css 2a00:1450:4001:81c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:100,100i,300,300i,400,400i,500,500i,700,700i,900,900i|Open+Sans:300,300i,400,400i,500,500i,600,600i,700,700i,800,800i

Requested by

Host: valorant76.com
URL: https://valorant76.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4a8c1c691c92f0e7c4dc03a2d796ecc23aa880b085666a335bdf7870efdc7b03

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://valorant76.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 17 Feb 2024 14:01:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 17 Feb 2024 14:01:40 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 17 Feb 2024 14:01:40 GMT

GET
H2 200 css
fonts.googleapis.com/ 18 KB
1 KB 109ms
65ms Stylesheet
text/css 2a00:1450:4001:81c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Oswald:200,300,400,500,600,700|Titillium+Web:200,200i,300,300i,400,400i,600,600i,700,700i,900

Requested by

Host: valorant76.com
URL: https://valorant76.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

398319a2b0f5d5c3a18fb43c8768fa79f38d82bf29cfef18a730815af720e528

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://valorant76.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 17 Feb 2024 14:01:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 17 Feb 2024 14:01:41 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 17 Feb 2024 14:01:41 GMT

GET
H2 404 RiotGames.png
valorant76.com/shabl1/ 83 B
83 B 108ms
108ms Image
application/json 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://valorant76.com/shabl1/RiotGames.png

Requested by

Host: valorant76.com
URL: https://valorant76.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

b822b2de65311636b608f3f7347afc2f686a4e56983c6230f0ff261c076a4222

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://valorant76.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 14:01:41 GMT
strict-transport-security: max-age=31536000
content-encoding: br
content-security-policy: upgrade-insecure-requests;
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: Express
alt-svc: h3=":443"; ma=86400
server: cloudflare
etag: W/"53-3YUU9v7bI4SJL6Ir50a4vv5nh94"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O5Yy8x89s%2BswC9eTNTeTNUGWT89TDUTjHlj4nLyRBdonzvyxIjpJm7Ts8OV4D4BoXXZ4EE%2Fjp0WGGEytrndvxeoAnH5u6nAEZJa0aMmKgBRRbjZ8sea4NtpuXMCm20OaUWgi23w2OocfGZrgFw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: *
ddg-cache-status: MISS
cache-control: max-age=14400
cf-ray: 856e904ecbee9040-FRA

GET
H2 404 svg.png
valorant76.com/shabl1/ 77 B
77 B 85ms
85ms Image
application/json 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://valorant76.com/shabl1/svg.png

Requested by

Host: valorant76.com
URL: https://valorant76.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

1fea064826515f9a45db3c637b15bf0ada6c74d6a2ac82ce54192d431435fab3

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://valorant76.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 14:01:40 GMT
strict-transport-security: max-age=31536000
content-encoding: br
content-security-policy: upgrade-insecure-requests;
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: Express
alt-svc: h3=":443"; ma=86400
server: cloudflare
etag: W/"4d-HPrKYz7e7ZPItSUNAl0wp0T3ZfU"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8VqamceGCWzNIRNBCL1%2FJ5Zh6fglOubasZvimS7dE8KvLN7Nuwh4VA4y%2FrPVrvE6Dpx566DH0tSaRfvmFa8VLeoK0Jb%2FSo5K%2FwtgCQVzdyQcqnICbzeCNzsaLR2QHdYs5ARpxc2dFuH596XzTw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: *
ddg-cache-status: MISS
cache-control: max-age=14400
cf-ray: 856e904ecbf09040-FRA

GET
H2 200 champions-2021-karambit_valorant_full_skin_154996.webp
valorantinfo.com/images/ru/ 18 KB
18 KB 153ms
64ms Image
image/webp 109.95.156.7
DHOSTING-AS Warsaw

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://valorantinfo.com/images/ru/champions-2021-karambit_valorant_full_skin_154996.webp
Requested by: Host: valorant76.com
URL: https://valorant76.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 109.95.156.7 , Poland, ASN48896 (DHOSTING-AS Warsaw, Poland, PL),
Reverse DNS: web03-s213.ewh.eu1.dhosting.com
Software: LiteSpeed /
Resource Hash: 3b82717897c7ed12d38b7d6b5350b5a4d1d6ccf9c43329c93d96a3534bedf54a

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://valorant76.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 14:01:41 GMT
last-modified: Sun, 08 May 2022 19:20:36 GMT
server: LiteSpeed
etag: "4826-62781804-3e8200db9b94c08b;;;"
content-type: image/webp
cache-control: public, max-age=2592000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 18470
expires: Mon, 18 Mar 2024 14:01:41 GMT

GET
H2 200 arcane-sheriff_valorant_full_skin_154734.webp
valorantinfo.com/images/us/ 11 KB
12 KB 121ms
32ms Image
image/webp 109.95.156.7
DHOSTING-AS Warsaw

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://valorantinfo.com/images/us/arcane-sheriff_valorant_full_skin_154734.webp
Requested by: Host: valorant76.com
URL: https://valorant76.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 109.95.156.7 , Poland, ASN48896 (DHOSTING-AS Warsaw, Poland, PL),
Reverse DNS: web03-s213.ewh.eu1.dhosting.com
Software: LiteSpeed /
Resource Hash: b8d67fb30abdb1dfcf37100191f1096cad3bb026b56215629ca797f2b010ad03

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://valorant76.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 14:01:41 GMT
last-modified: Sun, 08 May 2022 19:19:29 GMT
server: LiteSpeed
etag: "2cce-627817c1-7fc8d3189a4dacad;;;"
content-type: image/webp
cache-control: public, max-age=2592000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 11470
expires: Mon, 18 Mar 2024 14:01:41 GMT

GET
H2 200 val-logo-small.png
images.contentstack.io/v3/assets/blt0eb2a2986b796d29/blt50870b13992cdf47/63b0d7d089f85210f400107e/ 2 KB
2 KB 76ms
15ms Image
image/png 151.101.66.137
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.contentstack.io/v3/assets/blt0eb2a2986b796d29/blt50870b13992cdf47/63b0d7d089f85210f400107e/val-logo-small.png?&height=75&disable=upscale
Requested by: Host: valorant76.com
URL: https://valorant76.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: contentstack /
Resource Hash: fbe858ec920dc18fc20c2bdf4452d588b992bf9d53e4bf1b5dd17f23fb50b7b2

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://valorant76.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 14:01:41 GMT
via: 1.1 varnish, 1.1 varnish
fastly-io-served-by: vpop-haf2300712
age: 1565704
x-cache: HIT, HIT
fastly-io-info: ifsz=2592 idim=98x55 ifmt=png ofsz=1906 odim=98x55 ofmt=png
content-disposition: inline; filename=val-logo-small.png
fastly-stats: io=1
content-length: 1906
x-request-id: 4fc42c8a639e2e1bd3a9ac88319b179f
x-served-by: cache-sjc1000125-SJC, cache-ams21072-AMS
x-runtime: 75ms
server: contentstack
x-timer: S1708178501.003873,VS0,VE0
x-contentstack-organization: blt86ac51dd68a0a1f6
etag: "UpAZTmPE2lNZfpOCVTBFAIfxjw2EHzZuEVA9QFIPfVY"
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: content-disposition, content-type, cache-control, status, content-length
cache-control: max-age=31536000
accept-ranges: bytes
x-cache-hits: 10292, 9

GET
H2 200 api.js Show response
valorant76.com/ 446 B
645 B 112ms
111ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://valorant76.com/api.js

Requested by

Host: valorant76.com
URL: https://valorant76.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

cc25cda58100900ce9f0ff4e11a435863dee25523426cbb8cc55bc7511ecd207

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://valorant76.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 14:01:41 GMT
strict-transport-security: max-age=31536000
content-encoding: br
content-security-policy: upgrade-insecure-requests;
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: MISS
x-powered-by: Express
alt-svc: h3=":443"; ma=86400
last-modified: Sat, 18 Nov 2023 14:47:56 GMT
server: cloudflare
etag: W/"1be-18be2e71160"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=x83sBRNzrOrPnXB0cdkhiboCiwa5%2BtC866OxIrRTPMGXb%2FeZnYnbTtHnjK4dFlmymdiaHakiaQZ1i9YfA8mdBkSskmS8y8L2J8awnAWQF24yMeUdKTGw6EjH2x9XAEv1yFKXUHIDBwv%2BwI%2BBfg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
ddg-cache-status: MISS
cache-control: public, max-age=14400
cf-ray: 856e904eec209040-FRA

GET
H3 200 09082021-Episode-3-Act-II-Overview-Article-Banner.jpg
valorant76.com/shabl1/ 282 KB
283 KB 245ms
245ms Image
image/jpeg 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://valorant76.com/shabl1/09082021-Episode-3-Act-II-Overview-Article-Banner.jpg

Requested by

Host: valorant76.com
URL: https://valorant76.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

7d6e68b64e732484804d0fe277a8b294ccdc3e1838be3627a2570bb595caacb6

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://valorant76.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 14:01:41 GMT
strict-transport-security: max-age=31536000
content-security-policy: upgrade-insecure-requests;
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: MISS
x-powered-by: Express
alt-svc: h3=":443"; ma=86400
content-length: 288709
last-modified: Sun, 04 Feb 2024 21:15:40 GMT
server: cloudflare
etag: W/"467c5-18d75fa155d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OPP%2BcF4064Jbi0XQaR6kbnjWvIJgz6tQ5qU1OaTclbWSI2yDLNujVfl6fRcHHUzh9fqCrot%2FliiBCLeGz3sb5nlt2yQJBDzvAip647uYz7%2Bl1gBtFWv81O6WgEzwhEnJEiimh9Vbczxc86m7ow%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
ddg-cache-status: MISS
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 856e904f8fd51bdb-FRA

POST
H3 201 counter Show response
valorant76.com/valorant/ 16 B
555 B 112ms
112ms Fetch
application/json 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://valorant76.com/valorant/counter

Requested by

Host: valorant76.com
URL: https://valorant76.com/api.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://valorant76.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type: application/json

Response headers

date: Sat, 17 Feb 2024 14:01:41 GMT
strict-transport-security: max-age=31536000
content-security-policy: upgrade-insecure-requests;
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: Express
etag: W/"10-oV4hJxRVSENxc/wX8+mA4/Pe4tA"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H70uYL0uZ1KEOwsT720Z1OOG5PiyAVm9C2QVXq51W8rPiQDPt5P7vn3022PE3EZQlqOtdmCgOkmAMlBoVqrl68YcXJkQ8ZSJ9uZO7EDn849DBH7Obf5ZZ8o6lbKKaZz7W7rhfRFmxWM7eWP3BQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cf-ray: 856e904f9fef1bdb-FRA
alt-svc: h3=":443"; ma=86400

Verdicts & Comments Add Verdict or Comment

Malicious task.url
Submitted on February 17th 2024, 2:02:06 pm UTC — From Czech Republic

Threats: Phishing Scam
Comment: This domain is present in the Sinking Yachts anti-phishing list. More Info: https://sinking.yachts

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| select1 function| select2

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.valorant76.com/	1970-01-21 03:15:14	Name: __ddg1_ Value: yjwqKB1qcQHAMePVBJI6

6 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://valorant76.com/shabl1/svg.png Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://valorant76.com/shabl1/RiotGames.png Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://valorant76.com/shabl1/index.css Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://valorant76.com/shabl1/main.css Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://valorantgifts.top/static/js/main/jquery-1.9.1.min.js Message: Failed to load resource: the server responded with a status of 522 ()
network	error	URL: https://valorantgifts.top/static/js/main/main.js Message: Failed to load resource: the server responded with a status of 522 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fonts.googleapis.com
images.contentstack.io
valorant76.com
valorantgifts.top
valorantinfo.com
109.95.156.7
151.101.66.137
2606:4700:3035::6815:4d57
2a00:1450:4001:81c::200a
2a06:98c1:3121::3
17da2638785e6ca10fd7e95dd3edf323bb5d9cef94bba7f84e04f4c5d79ab8da
1fea064826515f9a45db3c637b15bf0ada6c74d6a2ac82ce54192d431435fab3
398319a2b0f5d5c3a18fb43c8768fa79f38d82bf29cfef18a730815af720e528
3b82717897c7ed12d38b7d6b5350b5a4d1d6ccf9c43329c93d96a3534bedf54a
4a8c1c691c92f0e7c4dc03a2d796ecc23aa880b085666a335bdf7870efdc7b03
7d6e68b64e732484804d0fe277a8b294ccdc3e1838be3627a2570bb595caacb6
b822b2de65311636b608f3f7347afc2f686a4e56983c6230f0ff261c076a4222
b8d67fb30abdb1dfcf37100191f1096cad3bb026b56215629ca797f2b010ad03
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
cc25cda58100900ce9f0ff4e11a435863dee25523426cbb8cc55bc7511ecd207
fbe858ec920dc18fc20c2bdf4452d588b992bf9d53e4bf1b5dd17f23fb50b7b2

valorant76.com Open in urlscan Pro 2a06:98c1:3121::3 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Community Verdicts: Malicious — 1 votes Show Verdicts

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

15 Requests

100 %HTTPS

60 %IPv6

5 Domains

5 Subdomains

5 IPs

3 Countries

323 kBTransfer

432 kBSize

1 Cookies

0 Outgoing links

Redirected requests

15 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Malicious task.url Submitted on February 17th 2024, 2:02:06 pm UTC — From Czech Republic

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

2 JavaScript Global Variables

1 Cookies

6 Console Messages

Security Headers

Indicators

valorant76.com Open in urlscan Pro
2a06:98c1:3121::3 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

15
Requests

100 %
HTTPS

60 %
IPv6

5
Domains

5
Subdomains

5
IPs

3
Countries

323 kB
Transfer

432 kB
Size

1
Cookies

15 HTTP transactions
0 data transactions

Malicious task.url
Submitted on February 17th 2024, 2:02:06 pm UTC — From Czech Republic

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!