Submitted URL: http://r.punpriota.com/tr/cl/Ebwa2gOR3nS1Ym1WC93-wDVTHF8zKHhGDDMRqBuae5J3GIM3iZ0ycISwsqf0GpgSXWOVyHnxcRN14VE1nrXPqMDyBv...
Effective URL: http://rpgs-r.us/shareddocuments/novemberfiles/onedrive/drive/Attachments%20-%20OneDrive.html?sitedomain=onedrive...
Submission: On November 13 via manual from IE

Summary

This website contacted 3 IPs in 1 country across 3 domains to perform 4 HTTP transactions. The main IP is 50.87.248.93, located in Provo, United States and belongs to UNIFIEDLAYER-AS-1 - Unified Layer, US. The main domain is rpgs-r.us.
This is the only time rpgs-r.us was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 104.16.234.163 13335 (CLOUDFLAR...)
1 2606:4700:e0:... 13335 (CLOUDFLAR...)
1 3 50.87.248.93 46606 (UNIFIEDLA...)
4 3
Apex Domain (Subdomains) Transfer
3 rpgs-r.us (rpgs-r.us) 817 B
1 sibautomation.com (sibautomation.com)
1 punpriota.com (r.punpriota.com) 908 B
4 3
Domain Requested by
3 rpgs-r.us 1 redirects r.punpriota.com
1 sibautomation.com r.punpriota.com
1 r.punpriota.com
4 3

This site contains no links.

Subject: sni117763.cloudflaressl.com
Issuer: COMODO ECC Domain Validation Secure Server CA 2
Validity: 2018-09-17 - 2019-03-26
Valid: 6 months

This page contains 2 frames:

Primary Page: http://rpgs-r.us/shareddocuments/novemberfiles/onedrive/drive/Attachments%20-%20OneDrive.html?sitedomain=onedrive.microsoftonline.com.shared&lang=en&seamless=novl&offerId=newmail-en-us-v2&authLev=0&siteState
Frame ID: 4E5DFE84413F2EE3A48AF6FEC8A3E60E
Requests: 3 HTTP requests in this frame

Frame: https://sibautomation.com/cm.html?id=2112355
Frame ID: 8FE4206AB089A4AE15261B45C254C9C3
Requests: 1 HTTP request in this frame


Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /cloudflare/i

Page Statistics

Requests: 4
HTTPS: 25 %
IPv6: 33 %
Domains: 3
Subdomains: 3
IPs: 3
Countries: 1
Transfer: 1 kB
Size: 81 kB
Cookies: 0

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://r.punpriota.com/tr/cl/Ebwa2gOR3nS1Ym1WC93-wDVTHF8zKHhGDDMRqBuae5J3GIM3iZ0ycISwsqf0GpgSXWOVyHnxcRN14VE1nrXPqMDyBvuBmussUnKjCsUBPFVsDDmQ6atxdS9EKo-bcV-gv4Q3q9-8xbO7vGGAaTRm8N1oEEz_j5FObjhfjLtdPwAmWNs2b37QBrkJSOsKkIidgCtwHldZD1u0RKAvfmmt51eIz0579H4BQAUtWw Page URL
  2. http://rpgs-r.us/shareddocuments/novemberfiles/onedrive/drive HTTP 301
    http://rpgs-r.us/shareddocuments/novemberfiles/onedrive/drive/ Page URL
  3. http://rpgs-r.us/shareddocuments/novemberfiles/onedrive/drive/Attachments%20-%20OneDrive.html?sitedomain=onedrive.microsoftonline.com.shared&lang=en&seamless=novl&offerId=newmail-en-us-v2&authLev=0&siteState Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 2
  • http://rpgs-r.us/shareddocuments/novemberfiles/onedrive/drive HTTP 301
  • http://rpgs-r.us/shareddocuments/novemberfiles/onedrive/drive/

4 HTTP transactions

Resource Path Size x-fer Type MIME-Type
Cookie set Ebwa2gOR3nS1Ym1WC93-wDVTHF8zKHhGDDMRqBuae5J3GIM3iZ0ycISwsqf0GpgSXWOVyHnxcRN14VE1nrXPqMDyBvuBmussUnKjCsUBPFVsDDmQ6atxdS9EKo-bcV-gv4Q3q9-8xbO7vGGAaTRm8N1oEEz_j5FObjhfjLtdPwAmWNs2b37QBrkJSOsKkIidgCtwH...
r.punpriota.com/tr/cl/
664 B
908 B
Document
General
Full URL
http://r.punpriota.com/tr/cl/Ebwa2gOR3nS1Ym1WC93-wDVTHF8zKHhGDDMRqBuae5J3GIM3iZ0ycISwsqf0GpgSXWOVyHnxcRN14VE1nrXPqMDyBvuBmussUnKjCsUBPFVsDDmQ6atxdS9EKo-bcV-gv4Q3q9-8xbO7vGGAaTRm8N1oEEz_j5FObjhfjLtdPwAmWNs2b37QBrkJSOsKkIidgCtwHldZD1u0RKAvfmmt51eIz0579H4BQAUtWw
Protocol
HTTP/1.1
Server
104.16.234.163 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
de7b09d5c74723fc4ac906bc947e12c7261632f3171bacbb5457076433ac7073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

Host
r.punpriota.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding
gzip, deflate

Response headers

Date
Tue, 13 Nov 2018 14:16:48 GMT
Content-Type
text/html; charset=utf-8
Transfer-Encoding
chunked
Connection
keep-alive
Set-Cookie
__cfduid=d7242c637d327d8bbf3a93eee1c7211141542118607; expires=Wed, 13-Nov-19 14:16:47 GMT; path=/; domain=.r.punpriota.com; HttpOnly
X-Sib-Server
SENDINBLUE-red2-3
X-Content-Type-Options
nosniff
X-XSS-Protection
1
Server
cloudflare
CF-RAY
4791dbb3e2586373-FRA
Content-Encoding
gzip
cm.html
sibautomation.com/ Frame 8FE4
0
0
Document
General
Full URL
https://sibautomation.com/cm.html?id=2112355
Requested by
Host: r.punpriota.com
URL: http://r.punpriota.com/tr/cl/Ebwa2gOR3nS1Ym1WC93-wDVTHF8zKHhGDDMRqBuae5J3GIM3iZ0ycISwsqf0GpgSXWOVyHnxcRN14VE1nrXPqMDyBvuBmussUnKjCsUBPFVsDDmQ6atxdS9EKo-bcV-gv4Q3q9-8xbO7vGGAaTRm8N1oEEz_j5FObjhfjLtdPwAmWNs2b37QBrkJSOsKkIidgCtwHldZD1u0RKAvfmmt51eIz0579H4BQAUtWw
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700:e0::ac40:6912 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare / Sails <sailsjs.org>
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

:method
GET
:authority
sibautomation.com
:scheme
https
:path
/cm.html?id=2112355
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer
http://r.punpriota.com/tr/cl/Ebwa2gOR3nS1Ym1WC93-wDVTHF8zKHhGDDMRqBuae5J3GIM3iZ0ycISwsqf0GpgSXWOVyHnxcRN14VE1nrXPqMDyBvuBmussUnKjCsUBPFVsDDmQ6atxdS9EKo-bcV-gv4Q3q9-8xbO7vGGAaTRm8N1oEEz_j5FObjhfjLtdPwAmWNs2b37QBrkJSOsKkIidgCtwHldZD1u0RKAvfmmt51eIz0579H4BQAUtWw
accept-encoding
gzip, deflate

Response headers

status
200
date
Tue, 13 Nov 2018 14:16:48 GMT
content-type
text/html; charset=utf-8
set-cookie
__cfduid=db5767baf5661c6f94e208704c05a91c31542118608; expires=Wed, 13-Nov-19 14:16:48 GMT; path=/; domain=.sibautomation.com; HttpOnly
x-powered-by
Sails <sailsjs.org>
access-control-allow-origin
*
access-control-allow-credentials
access-control-allow-methods
access-control-allow-headers
access-control-expose-headers
vary
Accept-Encoding
x-sib-server
SENDINBLUE-web2-2
x-content-type-options
nosniff
x-xss-protection
1
cf-cache-status
HIT
expires
Tue, 13 Nov 2018 16:16:48 GMT
cache-control
public, max-age=7200
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
4791dbb47f789750-FRA
content-encoding
gzip
/
rpgs-r.us/shareddocuments/novemberfiles/onedrive/drive/
Redirect Chain
  • http://rpgs-r.us/shareddocuments/novemberfiles/onedrive/drive
  • http://rpgs-r.us/shareddocuments/novemberfiles/onedrive/drive/
214 B
511 B
Document
General
Full URL
http://rpgs-r.us/shareddocuments/novemberfiles/onedrive/drive/
Requested by
Host: r.punpriota.com
URL: http://r.punpriota.com/tr/cl/Ebwa2gOR3nS1Ym1WC93-wDVTHF8zKHhGDDMRqBuae5J3GIM3iZ0ycISwsqf0GpgSXWOVyHnxcRN14VE1nrXPqMDyBvuBmussUnKjCsUBPFVsDDmQ6atxdS9EKo-bcV-gv4Q3q9-8xbO7vGGAaTRm8N1oEEz_j5FObjhfjLtdPwAmWNs2b37QBrkJSOsKkIidgCtwHldZD1u0RKAvfmmt51eIz0579H4BQAUtWw
Protocol
HTTP/1.1
Server
50.87.248.93 Provo, United States, ASN46606 (UNIFIEDLAYER-AS-1 - Unified Layer, US),
Reverse DNS
box1093.bluehost.com
Software
nginx/1.14.0 /
Resource Hash
96c8a2935a62893216bb931106b3a9cc8fb0b3a0ae66502ef6ac018ecfbccdd1

Request headers

Host
rpgs-r.us
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer
http://r.punpriota.com/tr/cl/Ebwa2gOR3nS1Ym1WC93-wDVTHF8zKHhGDDMRqBuae5J3GIM3iZ0ycISwsqf0GpgSXWOVyHnxcRN14VE1nrXPqMDyBvuBmussUnKjCsUBPFVsDDmQ6atxdS9EKo-bcV-gv4Q3q9-8xbO7vGGAaTRm8N1oEEz_j5FObjhfjLtdPwAmWNs2b37QBrkJSOsKkIidgCtwHldZD1u0RKAvfmmt51eIz0579H4BQAUtWw
Accept-Encoding
gzip, deflate

Response headers

Server
nginx/1.14.0
Date
Tue, 13 Nov 2018 14:16:48 GMT
Content-Type
text/html
Content-Length
199
Connection
keep-alive
Last-Modified
Thu, 15 Feb 2018 09:46:48 GMT
Vary
Accept-Encoding
Content-Encoding
gzip
X-Acc-Exp
600
X-Proxy-Cache
BYPASS rpgs-r.us
Accept-Ranges
bytes

Redirect headers

Server
nginx/1.14.0
Date
Tue, 13 Nov 2018 14:16:48 GMT
Content-Type
text/html; charset=iso-8859-1
Content-Length
329
Connection
keep-alive
Location
http://rpgs-r.us/shareddocuments/novemberfiles/onedrive/drive/
X-Acc-Exp
600
X-Proxy-Cache
BYPASS rpgs-r.us
Primary Request Attachments%20-%20OneDrive.html
rpgs-r.us/shareddocuments/novemberfiles/onedrive/drive/
80 KB
0
Document
General
Full URL
http://rpgs-r.us/shareddocuments/novemberfiles/onedrive/drive/Attachments%20-%20OneDrive.html?sitedomain=onedrive.microsoftonline.com.shared&lang=en&seamless=novl&offerId=newmail-en-us-v2&authLev=0&siteState
Protocol
HTTP/1.1
Server
50.87.248.93 Provo, United States, ASN46606 (UNIFIEDLAYER-AS-1 - Unified Layer, US),
Reverse DNS
box1093.bluehost.com
Software
nginx/1.14.0 /
Resource Hash

Request headers

Host
rpgs-r.us
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer
http://rpgs-r.us/shareddocuments/novemberfiles/onedrive/drive/
Accept-Encoding
gzip, deflate

Response headers

Server
nginx/1.14.0
Date
Tue, 13 Nov 2018 14:16:54 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Connection
keep-alive
Last-Modified
Wed, 28 Feb 2018 07:33:34 GMT
Vary
Accept-Encoding
Content-Encoding
gzip
X-Acc-Exp
600
X-Proxy-Cache
BYPASS rpgs-r.us

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Security Headers

This page lists any security headers set by the main page.

Header Value
X-Content-Type-Options nosniff
X-Xss-Protection 1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
