www.rage-emperor.com
172.67.166.1
Malicious Activity!
Public Scan
Effective URL: https://www.rage-emperor.com/
Submission: On September 05 via api from US — Scanned from DE
Summary
TLS certificate: Issued by WE1 on July 26th 2024. Valid for: 3 months.
This is the only time www.rage-emperor.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Generic Cloudflare (Online)
Domain & IP information
Requests | IP Address | AS Autonomous System |
---|---|---|
26 (1 redirects) | 172.67.166.1 | 13335 (CLOUDFLARENET) |
4 | 172.67.150.133 | 13335 (CLOUDFLARENET) |
1 | 2606:4700::6810:5f72 | 13335 (CLOUDFLARENET) |
3 | 104.17.25.14 | 13335 (CLOUDFLARENET) |
34 | 5 |
ASN13335 (CLOUDFLARENET, US)
customer-tqjuowcwyvj09sgh.cloudflarestream.com |
Requests | Apex Domain | Subdomains | Transfer |
---|---|---|---|
26 | rage-emperor.com (1 redirects) | www.rage-emperor.com | 437 KB |
4 | bibandbob.net | bibandbob.net | 136 KB |
3 | cloudflare.com | cdnjs.cloudflare.com — Cisco Umbrella Rank: 336 | 70 KB |
1 | cloudflarestream.com | customer-tqjuowcwyvj09sgh.cloudflarestream.com | |
0 | gearoffer.pro (Failed) | gearoffer.pro (Failed) | |
34 | 5 |
Requests | Domain | Requested by |
---|---|---|
26 | www.rage-emperor.com (1 redirects) | www.rage-emperor.com |
4 | bibandbob.net | www.rage-emperor.com, bibandbob.net |
3 | cdnjs.cloudflare.com | bibandbob.net, cdnjs.cloudflare.com |
1 | customer-tqjuowcwyvj09sgh.cloudflarestream.com | www.rage-emperor.com |
0 | gearoffer.pro (Failed) | bibandbob.net |
34 | 5 |
This site contains no links.
Subject | Issuer | Validity | Valid |
---|---|---|---|
rage-emperor.com | WE1 | 2024-07-26 - 2024-10-24 | 3 months |
bibandbob.net | WE1 | 2024-08-02 - 2024-10-31 | 3 months |
cloudflarestream.com | WE1 | 2024-07-30 - 2024-10-28 | 3 months |
cdnjs.cloudflare.com | WE1 | 2024-07-31 - 2024-10-29 | 3 months |
This page contains 2 frames:
Primary Page:
https://www.rage-emperor.com/
Frame ID: 2F68A318E3F8756A27847E5A5C14EAA5
Requests: 33 HTTP requests in this frame
Frame:
https://customer-tqjuowcwyvj09sgh.cloudflarestream.com/2394229d89ff7fa005baebebcca32b0b/iframe?muted=true&autoplay=true&poster=https%3A%2F%2Fcustomer-tqjuowcwyvj09sgh.cloudflarestream.com%2F2394229d89ff7fa005baebebcca32b0b%2Fthumbnails%2Fthumbnail.jpg%3Ftime%3D%26height%3D600
Frame ID: CAB8C48F3989D5F87CF8FE4C51F98CB9
Requests: 1 HTTP requests in this frame
Page Title
BalticPipe
Page URL History
-
http://www.rage-emperor.com/
HTTP 307
https://www.rage-emperor.com/ Page URL
-
https://www.rage-emperor.com/cdn-cgi/phish-bypass?atok=FuSiXtxS0IUAt0Arbh0k5UlkZfWQhxwqVzDXYizEy4c-172551...
HTTP 301
https://www.rage-emperor.com/ Page URL
Detected technologies
jQuery (JavaScript Libraries)
Detected patterns
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://www.rage-emperor.com/
HTTP 307
https://www.rage-emperor.com/ Page URL
-
https://www.rage-emperor.com/cdn-cgi/phish-bypass?atok=FuSiXtxS0IUAt0Arbh0k5UlkZfWQhxwqVzDXYizEy4c-1725514982-0.0.1.1-%2F
HTTP 301
https://www.rage-emperor.com/ Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 0
- http://www.rage-emperor.com/ HTTP 307
- https://www.rage-emperor.com/
34 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type |
---|---|---|---|---|---|---|---|
GET | H3 | / | www.rage-emperor.com/ (Redirect Chain) | 4 KB | 2 KB | Document | text/html |
GET | H3 | cf.errors.css | www.rage-emperor.com/cdn-cgi/styles/ | 23 KB | 5 KB | Stylesheet | text/css |
GET | H3 | icon-exclamation.png | www.rage-emperor.com/cdn-cgi/images/ | 452 B | 634 B | Image | image/png |
GET | H3 | favicon.ico | www.rage-emperor.com/ | 282 B | 662 B | Other | text/html |
GET | H3 | / (Primary Request) | www.rage-emperor.com/ (Redirect Chain) | 25 KB | 8 KB | Document | text/html |
GET | H3 | bundle.css | www.rage-emperor.com/assets/css/ | 215 KB | 30 KB | Stylesheet | text/css |
GET | H3 | script.js | bibandbob.net/cdn/2333/form/v1/ | 21 KB | 6 KB | Script | application/javascript |
GET | H3 | logo.svg | www.rage-emperor.com/assets/images/ | 6 KB | 3 KB | Image | image/svg+xml |
GET | H3 | main-baltic.png | www.rage-emperor.com/assets/images/ | 10 KB | 11 KB | Image | image/png |
GET | H3 | plus.svg | www.rage-emperor.com/assets/images/ | 144 B | 636 B | Image | image/svg+xml |
GET | H3 | play.svg | www.rage-emperor.com/assets/images/ | 327 B | 754 B | Image | image/svg+xml |
GET | H3 | baltic-bubbles.png | www.rage-emperor.com/assets/images/ | 6 KB | 7 KB | Image | image/png |
GET | H3 | baltic-map.png | www.rage-emperor.com/assets/images/ | 17 KB | 18 KB | Image | image/png |
GET | H3 | graph-bubbles.png | www.rage-emperor.com/assets/images/ | 6 KB | 7 KB | Image | image/png |
GET | H3 | graph.png | www.rage-emperor.com/assets/images/ | 15 KB | 16 KB | Image | image/png |
GET | H3 | feature-1.png | www.rage-emperor.com/assets/images/ | 486 B | 976 B | Image | image/png |
GET | H3 | feature-2.png | www.rage-emperor.com/assets/images/ | 547 B | 1 KB | Image | image/png |
GET | H3 | feature-3.png | www.rage-emperor.com/assets/images/ | 572 B | 1 KB | Image | image/png |
GET | H3 | feedback-bubble-1.png | www.rage-emperor.com/assets/images/ | 7 KB | 7 KB | Image | image/png |
GET | H3 | feedback-bubble-2.png | www.rage-emperor.com/assets/images/ | 6 KB | 7 KB | Image | image/png |
GET | H3 | feedback-1.png | www.rage-emperor.com/assets/images/ | 20 KB | 20 KB | Image | image/png |
GET | H3 | feedback-2.png | www.rage-emperor.com/assets/images/ | 30 KB | 30 KB | Image | image/png |
GET | H3 | feedback-3.png | www.rage-emperor.com/assets/images/ | 27 KB | 27 KB | Image | image/png |
GET | H3 | index.js | www.rage-emperor.com/assets/js/ | 619 B | 810 B | Script | application/javascript |
GET | H2 | iframe | customer-tqjuowcwyvj09sgh.cloudflarestream.com/2394229d89ff7fa005baebebcca32b0b/ (Frame CAB8) | 0 | 0 | Document | text/html |
GET | H3 | about-bg.png | www.rage-emperor.com/assets/images/ | 104 KB | 104 KB | Image | image/png |
GET | H3 | feature-bg.png | www.rage-emperor.com/assets/images/ | 129 KB | 129 KB | Image | image/png |
GET | | c8p3l4k.php | gearoffer.pro/ | 0 | 0 | | |
GET | H3 | bundle.js | bibandbob.net/cdn/2333/form/v1/ | 391 KB | 105 KB | Script | application/javascript |
GET | H3 | intlTelInput.css | cdnjs.cloudflare.com/ajax/libs/intl-tel-input/17.0.19/css/ | 25 KB | 3 KB | Stylesheet | text/css |
GET | H3 | all.min.css | bibandbob.net/sdk/fa/css/ | 100 KB | 22 KB | Stylesheet | text/css |
GET | H3 | script-styles.css | bibandbob.net/cdn/2333/form/v1/ | 7 KB | 2 KB | Stylesheet | text/css |
GET | H3 | messages_pl.min.js | cdnjs.cloudflare.com/ajax/libs/jquery-validate/1.19.5/localization/ | 2 KB | 1 KB | Script | application/javascript |
GET | H3 | flags.png | cdnjs.cloudflare.com/ajax/libs/intl-tel-input/17.0.19/img/ | 66 KB | 67 KB | Image | image/png |
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- gearoffer.pro
- URL
- https://gearoffer.pro/c8p3l4k.php?key=e8mj2rflhh810zd3vs76&lp_type=pixel&funnel=baltic_pipe
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Generic Cloudflare (Online)
46 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
Type | Name |
---|---|
object | 0 |
string | dmnlc |
string | cmpnk |
string | fnlnm |
string | cdnDomainUrl |
string | color |
string | language |
string | phone_detection |
string | form_key |
function | getUclick |
function | fxOfLnks |
function | sendLpPixel |
object | formsSettings |
object | scriptsAndStyles |
object | FORM_FIELDS_TYPES |
object | FORM_FIELDS_AUTOCOMPLETE |
object | TRANSLATIONS |
string | GTAG_ID_KEY |
string | GTAG_CLABEL_KEY |
object | formFields |
number | currentStep |
number | maxStepCount |
function | renderText |
function | renderSubmit |
function | renderEmail |
function | renderPhone |
function | renderFields |
function | renderHeader |
function | getCustomsStyles |
function | findAncestor |
function | renderScriptsAndStyles |
function | renderForm |
object | head |
string | customsStyles |
object | inlineCustomStyles |
function | getParameterByName |
object | formFieldsKeys |
object | elemForm |
function | displaySteps |
function | loadFormCb |
function | jQuery |
object | intlTelInputGlobals |
function | intlTelInput |
object | intlTelInputUtils |
function | $jQ |
object | lander-form-phone1 |
Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.www.rage-emperor.com/ | | Name: __cf_mw_byp Value: FuSiXtxS0IUAt0Arbh0k5UlkZfWQhxwqVzDXYizEy4c-1725514982-0.0.1.1-/ |
2 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
X-Frame-Options | SAMEORIGIN |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.