rudrasharmau.github.io
2606:50c0:8002::153  Malicious Activity! Public Scan

URL: https://rudrasharmau.github.io/RG-GAMING/
Submission: On August 22 via api from US — Scanned from US

Summary

This website contacted 11 IPs in 2 countries across 12 domains to perform 17 HTTP transactions. The main IP is 2606:50c0:8002::153, located in the United States and belonging to FASTLY, US. The main domain is rudrasharmau.github.io.
TLS certificate: Issued by DigiCert TLS RSA SHA256 2020 CA1 on February 21st 2023. Valid for: a year.
This is the only time rudrasharmau.github.io was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Generic Gaming (Entertainment)

Domain & IP information

Requests | IP Address | AS (Autonomous System)
4 | 2606:50c0:800... | 54113 (FASTLY)
1 | 2607:f8b0:402... | 15169 (GOOGLE)
1 | 2606:4700:303... | 13335 (CLOUDFLAR...)
1 | 2606:4700::68... | 13335 (CLOUDFLAR...)
1 | 2606:4700:20:... | 13335 (CLOUDFLAR...)
1 | 2606:4700:303... | 13335 (CLOUDFLAR...)
2 | 2607:f8b0:402... | 15169 (GOOGLE)
1 | 2606:4700::68... | 13335 (CLOUDFLAR...)
3 | 184.29.143.171 | 20940 (AKAMAI-ASN1)
1 | 2606:4700::68... | 13335 (CLOUDFLAR...)
1 | 192.243.59.20 | 39572 (ADVANCEDH...)
Total: 17 requests, 11 IP addresses
Requests | Apex Domain | Subdomains | Transfer
4 | github.io | rudrasharmau.github.io | 128 KB
3 | akamaihd.net | freefiremobile-a.akamaihd.net (Cisco Umbrella Rank: 54082) | 22 KB
1 | highperformancedformats.com | www.highperformancedformats.com |
1 | cloudflare.com | cdnjs.cloudflare.com (Cisco Umbrella Rank: 277) | 11 KB
1 | googleusercontent.com | lh3.googleusercontent.com (Cisco Umbrella Rank: 84) | 2 KB
1 | freefiremobile.com | dl.dir.freefiremobile.com (Cisco Umbrella Rank: 24205) | 34 KB
1 | blogspot.com | 1.bp.blogspot.com (Cisco Umbrella Rank: 11064) | 475 KB
1 | gurugamer.com | img.gurugamer.com | 63 KB
1 | hdqwalls.com | images.hdqwalls.com (Cisco Umbrella Rank: 279328) | 2 MB
1 | esports.net | www.esports.net (Cisco Umbrella Rank: 967159) | 78 KB
1 | talkesport.com | www.talkesport.com | 70 KB
1 | googleapis.com | fonts.googleapis.com (Cisco Umbrella Rank: 73) | 775 B
Total: 17 requests, 12 domains
Requests | Domain | Requested by
4 | rudrasharmau.github.io | rudrasharmau.github.io
3 | freefiremobile-a.akamaihd.net | rudrasharmau.github.io
1 | www.highperformancedformats.com | rudrasharmau.github.io
1 | cdnjs.cloudflare.com | rudrasharmau.github.io
1 | lh3.googleusercontent.com | rudrasharmau.github.io
1 | dl.dir.freefiremobile.com | rudrasharmau.github.io
1 | 1.bp.blogspot.com | rudrasharmau.github.io
1 | img.gurugamer.com | rudrasharmau.github.io
1 | images.hdqwalls.com | rudrasharmau.github.io
1 | www.esports.net | rudrasharmau.github.io
1 | www.talkesport.com | rudrasharmau.github.io
1 | fonts.googleapis.com | rudrasharmau.github.io
Total: 17 requests, 12 domains

This site contains links to these domains:

Domain
app.appsflyer.com
Subject | Issuer | Validity | Valid for
*.github.io | DigiCert TLS RSA SHA256 2020 CA1 | 2023-02-21 - 2024-03-20 | a year
upload.video.google.com | GTS CA 1C3 | 2023-07-31 - 2023-10-23 | 3 months
talkesport.com | E1 | 2023-07-06 - 2023-10-04 | 3 months
www.esports.net | Cloudflare Inc ECC CA-3 | 2023-05-29 - 2024-05-28 | a year
hdqwalls.com | Cloudflare Inc ECC CA-3 | 2023-04-07 - 2024-04-06 | a year
gurugamer.com | GTS CA 1P5 | 2023-08-06 - 2023-11-04 | 3 months
misc-sni.blogspot.com | GTS CA 1C3 | 2023-07-31 - 2023-10-23 | 3 months
dl.dir.freefiremobile.com | SSL.com RSA SSL subCA | 2023-03-08 - 2024-03-07 | a year
*.googleusercontent.com | GTS CA 1C3 | 2023-07-31 - 2023-10-23 | 3 months
a248.e.akamai.net | DigiCert TLS RSA SHA256 2020 CA1 | 2023-05-16 - 2024-05-15 | a year
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2023-07-03 - 2024-07-02 | a year
highperformancedformats.com | R3 | 2023-08-16 - 2023-11-14 | 3 months

This page contains 1 frame:

Primary Page: https://rudrasharmau.github.io/RG-GAMING/
Frame ID: AA6578C6DFF58F4F49D465F3487FC5AA
Requests: 17 HTTP requests in this frame

Page Title

Rg_gaming | free fire battle ground | Rggaming

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • ^https?://[^/]+\.github\.io

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

Requests: 17
HTTPS: 100 %
IPv6: 82 %
Domains: 12
Subdomains: 12
IPs: 11
Countries: 2
Transfer: 2708 kB
Size: 2760 kB
Cookies: 1

Redirected requests

There were HTTP redirect chains for the following requests:

17 HTTP transactions

Resource | Path | Size | x-fer | Type
Primary Request / | rudrasharmau.github.io/RG-GAMING/ | 7 KB | 3 KB | Document
General
Full URL
https://rudrasharmau.github.io/RG-GAMING/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:50c0:8002::153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
GitHub.com /
Resource Hash
945d0fd8407de79ff688d11ad1ec5bd7bbaa8100d5422548e3690332e7648fab
Security Headers
Name Value
Strict-Transport-Security max-age=31556952

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
0
cache-control
max-age=600
content-encoding
gzip
content-length
2614
content-type
text/html; charset=utf-8
date
Tue, 22 Aug 2023 13:49:31 GMT
etag
W/"632dc513-1c89"
expires
Tue, 22 Aug 2023 13:59:31 GMT
last-modified
Fri, 23 Sep 2022 14:39:15 GMT
permissions-policy
interest-cohort=()
server
GitHub.com
strict-transport-security
max-age=31556952
vary
Accept-Encoding
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-fastly-request-id
cec67f24f2d37cc7bdb438a2c81904525f5f2663
x-github-request-id
2410:6D6F:26BDB73:39DEB4F:64E4BCE9
x-proxy-cache
MISS
x-served-by
cache-chi-klot8100175-CHI
x-timer
S1692712172.687237,VS0,VE29
index.css | rudrasharmau.github.io/RG-GAMING/ | 10 KB | 3 KB | Stylesheet
General
Full URL
https://rudrasharmau.github.io/RG-GAMING/index.css
Requested by
Host: rudrasharmau.github.io
URL: https://rudrasharmau.github.io/RG-GAMING/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:50c0:8002::153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
GitHub.com /
Resource Hash
ef3ad3abe921b16d8234a9e2a0a842c4f1bd1032cb7a7e0be55160a759a75155
Security Headers
Name Value
Strict-Transport-Security max-age=31556952

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rudrasharmau.github.io/RG-GAMING/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-fastly-request-id
f048eda8162e1f9d15ff1dd80dcf54c44318a3c6
strict-transport-security
max-age=31556952
content-encoding
gzip
via
1.1 varnish
date
Tue, 22 Aug 2023 13:49:31 GMT
age
0
x-cache
MISS
x-cache-hits
0
x-proxy-cache
MISS
content-length
2611
x-served-by
cache-chi-klot8100175-CHI
last-modified
Fri, 23 Sep 2022 14:39:15 GMT
server
GitHub.com
x-github-request-id
1E3A:0A88:4CD609:6A33FA:64E4BCEA
x-timer
S1692712172.756058,VS0,VE28
etag
W/"632dc513-28e9"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=600
permissions-policy
interest-cohort=()
accept-ranges
bytes
expires
Tue, 22 Aug 2023 13:59:31 GMT
icon | fonts.googleapis.com/ | 569 B | 775 B | Stylesheet
General
Full URL
https://fonts.googleapis.com/icon?family=Material+Icons
Requested by
Host: rudrasharmau.github.io
URL: https://rudrasharmau.github.io/RG-GAMING/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:805::200a Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
5848fed0499a99763526e2178efc1bec18842259a88cb1cf12600be9ddabbdcd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rudrasharmau.github.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 22 Aug 2023 13:49:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 22 Aug 2023 13:49:31 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 22 Aug 2023 13:49:31 GMT
free-fire.jpeg | www.talkesport.com/wp-content/uploads/ | 69 KB | 70 KB | Image
General
Full URL
https://www.talkesport.com/wp-content/uploads/free-fire.jpeg
Requested by
Host: rudrasharmau.github.io
URL: https://rudrasharmau.github.io/RG-GAMING/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:ccd5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eac5130eebb7604fd0d941171cd59b941bda700dd71eb5073a48698ea7a1b37e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rudrasharmau.github.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 13:49:31 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
71966
alt-svc
h3=":443"; ma=86400
content-length
70753
last-modified
Sun, 09 Apr 2023 17:06:34 GMT
server
cloudflare
etag
"6432f09a-11461"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LIYjQB%2B4AJcIwuc4eXAZHVOrQ2y%2Bm7%2FEfpEhRR8k3M1gMVGDNhREgMi4W%2FO4VXxMrqcdhTDq56ftw2YYh9ZA0dy5p185bNBVNpW3A8q8gdvVrI3zg1GSOH7sP7gr%2FJxf383NfphajczG5SQn%2FxvSA9s%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
7fab9461fba910d0-ORD
expires
Tue, 20 Aug 2024 17:50:04 GMT
Free-Fire-Game.jpg | www.esports.net/wp-content/uploads/2020/05/ | 77 KB | 78 KB | Image
General
Full URL
https://www.esports.net/wp-content/uploads/2020/05/Free-Fire-Game.jpg
Requested by
Host: rudrasharmau.github.io
URL: https://rudrasharmau.github.io/RG-GAMING/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:128f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9b3991660719db3129657df773735fc13e876e49844c7de913e1841024b8b8a3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rudrasharmau.github.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 13:49:31 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-wpe-request-id
5629c318f560544ec84ec04d7cd3017b
content-length
79020
last-modified
Sat, 26 Feb 2022 06:26:13 GMT
server
cloudflare
etag
"6219c805-134ac"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FZSSmkUXldAGswTei5dmvreUPOTQ%2BtrDa85ozTyJvJru0WHze3sQVFBRdQt7jloyETrJHcJVgMCgOMG46xL0x0lr4Wsq2bY%2BDjsQ6W0WYafau97u5U1xXNm3j1mXEegNFxQnYEZEDale233IIQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
7fab9461fd44105c-ORD
expires
Wed, 21 Aug 2024 13:49:31 GMT
garena-free-fire-game-together-4k-u2-2048x1152.jpg | images.hdqwalls.com/download/ | 2 MB | 2 MB | Image
General
Full URL
https://images.hdqwalls.com/download/garena-free-fire-game-together-4k-u2-2048x1152.jpg
Requested by
Host: rudrasharmau.github.io
URL: https://rudrasharmau.github.io/RG-GAMING/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:a06 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3ca7b2b0b287d33cdc160a03cd0578a0bdd78b4d8ab91cfbbb6a2a925094189c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rudrasharmau.github.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 13:49:32 GMT
x-server-powered-by
Engintron
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
1865745
x-xss-protection
1; mode=block
x-nginx-upstream-cache-status
BYPASS
last-modified
Sat, 05 Aug 2023 06:56:58 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Lap40tKPzkOe56jECCYnDbC7kJ%2BXOjQVagS4f1pieRFNFdNf6bglOWkZ%2FQUgYJxw8TLes7Ltd0qkp1cceW3f6d1DCtui8fzcj2dYJ8yfvHYvyGSvJhQ%2FCocg84xLRYx4ATOY7bdqYsmJh2Vc2RmQDPo%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=5184000
accept-ranges
bytes
cf-ray
7fab9461fb7210cc-ORD
expires
Sat, 21 Oct 2023 13:49:32 GMT
ml.jpg | rudrasharmau.github.io/RG-GAMING/ | 121 KB | 121 KB | Image
General
Full URL
https://rudrasharmau.github.io/RG-GAMING/ml.jpg
Requested by
Host: rudrasharmau.github.io
URL: https://rudrasharmau.github.io/RG-GAMING/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:50c0:8002::153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
GitHub.com /
Resource Hash
28bc4a4d38358340a8fa58307ed14a70b6b5b3c849c343c4d26cc94eabc8743e
Security Headers
Name Value
Strict-Transport-Security max-age=31556952

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rudrasharmau.github.io/RG-GAMING/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-fastly-request-id
fbaf26cd3a79fd38e0e70db2febe3e9cec0ad30d
strict-transport-security
max-age=31556952
date
Tue, 22 Aug 2023 13:49:31 GMT
via
1.1 varnish
x-cache-hits
0
age
0
x-cache
MISS
x-proxy-cache
MISS
content-length
123675
x-served-by
cache-chi-klot8100175-CHI
last-modified
Fri, 23 Sep 2022 14:39:15 GMT
server
GitHub.com
x-github-request-id
B506:90B0:261D690:393D233:64E4BCE9
x-timer
S1692712172.760164,VS0,VE29
etag
"632dc513-1e31b"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=600
permissions-policy
interest-cohort=()
accept-ranges
bytes
expires
Tue, 22 Aug 2023 13:59:31 GMT
awaken-andrew-free-fire-3671.jpg | img.gurugamer.com/resize/740x-/2021/04/09/ | 62 KB | 63 KB | Image
General
Full URL
https://img.gurugamer.com/resize/740x-/2021/04/09/awaken-andrew-free-fire-3671.jpg
Requested by
Host: rudrasharmau.github.io
URL: https://rudrasharmau.github.io/RG-GAMING/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:c54a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1426c1d2050b5c4a2daab1bb4af7196a9afaa862f0e090d5f09667964700d1bd

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rudrasharmau.github.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 13:49:32 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache
MISS
alt-svc
h3=":443"; ma=86400
content-length
63657
pragma
public
server
cloudflare
etag
"acd55923a8895a1c102ac011ce5a2d6f01a407f7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ActK1wblubkTSjqe1WnSClfIpPyeRll5k5ivPnZ0lTB%2B5HYtMtHf2e5rD76Q1iWsO4LK%2BulLfs954hJ7cSb90280Bq2hq6XMkKQpLQ8FuTPksGI2Rc9bV%2Fb8MK3R2zPxdBkDbKk4htbFxhkrBi5osg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=157680000, cache_static_2.91, must-revalidate, proxy-revalidate
accept-ranges
bytes
cf-ray
7fab9461fca728e9-ORD
x-time
0.098
expires
Sun, 20 Aug 2028 13:49:32 GMT
025.jpg | 1.bp.blogspot.com/-INsYM3TfuAk/XTesco_W5vI/AAAAAAAADL0/pgFb1qkHyPY1Ix8waUXUBai5YyC69RhxQCLcBGAs/s1600/ | 475 KB | 475 KB | Image
General
Full URL
https://1.bp.blogspot.com/-INsYM3TfuAk/XTesco_W5vI/AAAAAAAADL0/pgFb1qkHyPY1Ix8waUXUBai5YyC69RhxQCLcBGAs/s1600/025.jpg
Requested by
Host: rudrasharmau.github.io
URL: https://rudrasharmau.github.io/RG-GAMING/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:806::2001 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
5b334609649ea333d38d4406236fbf22e0b752b3eb9da415cfb5bf70e4579776
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rudrasharmau.github.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 13:49:32 GMT
x-content-type-options
nosniff
server
fife
etag
"vcbe"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="025.jpg"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
486289
x-xss-protection
0
expires
Wed, 23 Aug 2023 13:49:32 GMT
316bbe1a2cf1b59eda42203e9bf50ff3png | dl.dir.freefiremobile.com/common/web_event/hash/ | 34 KB | 34 KB | Image
General
Full URL
https://dl.dir.freefiremobile.com/common/web_event/hash/316bbe1a2cf1b59eda42203e9bf50ff3png
Requested by
Host: rudrasharmau.github.io
URL: https://rudrasharmau.github.io/RG-GAMING/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9c24 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b4dc27e63791ae0326de1112a3b198e5c2f91cfc2223364d64d7145640faf35e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rudrasharmau.github.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date
Tue, 22 Aug 2023 13:49:33 GMT
x-obs-id-2
32AAAQAAEAABAAAQAAEAABAAAQAAEAABCSCGelPidaxUK573HlTRTJ6zs1qqCN73
CF-Cache-Status
REVALIDATED
Last-Modified
Thu, 04 Aug 2022 12:33:57 GMT
Server
cloudflare
ETag
"a14570eef1998b346295010130925c59"
Vary
Accept-Encoding
Content-Type
text/plain
Access-Control-Allow-Origin
*
x-obs-request-id
000001891B8C20B7994A378C7F14073C
x-reserved-indicator
372
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
7fab9469ce6be15b-ORD
Content-Length
34333
ADea4I6Nl0AeSuZ2nVbKmrnlTQxDcMR8eqTO1jd3-i5y=s32-c-mo | lh3.googleusercontent.com/ogw/ | 1 KB | 2 KB | Image
General
Full URL
https://lh3.googleusercontent.com/ogw/ADea4I6Nl0AeSuZ2nVbKmrnlTQxDcMR8eqTO1jd3-i5y=s32-c-mo
Requested by
Host: rudrasharmau.github.io
URL: https://rudrasharmau.github.io/RG-GAMING/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:806::2001 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
8c510a2c5e2ace01518f2788b3e78e9d17ed4ed49928231bd936361c703bb830
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rudrasharmau.github.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 13:49:32 GMT
x-content-type-options
nosniff
server
fife
etag
"vc"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="unnamed.jpg"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1489
x-xss-protection
0
expires
Wed, 23 Aug 2023 13:49:32 GMT
appstore2.png | freefiremobile-a.akamaihd.net/ffwebsite/images/download/ | 11 KB | 12 KB | Image
General
Full URL
https://freefiremobile-a.akamaihd.net/ffwebsite/images/download/appstore2.png
Requested by
Host: rudrasharmau.github.io
URL: https://rudrasharmau.github.io/RG-GAMING/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.29.143.171 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a184-29-143-171.deploy.static.akamaitechnologies.com
Software
OBS /
Resource Hash
72c76d5534a6e0df94fec3302fac7e96054d1e1665430ee6dc74e70261926613

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rudrasharmau.github.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date
Tue, 22 Aug 2023 13:49:31 GMT
x-obs-id-2
32AAAQAAEAABAAAQAAEAABAAAQAAEAABCS5u48bEumeKstAab8o+7YWmgUK8KdcM
Last-Modified
Thu, 04 Aug 2022 12:38:43 GMT
Server
OBS
ETag
"9cb027f9dad9bb8c8fe4d56819eddcd7"
Content-Type
image/png
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=3600
x-obs-request-id
00000189E3C34219941E6201E36C33DE
x-reserved-indicator
372
Connection
keep-alive
Accept-Ranges
bytes
Alt-Svc
h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Content-Length
11498
googlePlay2.png | freefiremobile-a.akamaihd.net/ffwebsite/images/download/ | 8 KB | 9 KB | Image
General
Full URL
https://freefiremobile-a.akamaihd.net/ffwebsite/images/download/googlePlay2.png
Requested by
Host: rudrasharmau.github.io
URL: https://rudrasharmau.github.io/RG-GAMING/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.29.143.171 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a184-29-143-171.deploy.static.akamaitechnologies.com
Software
OBS /
Resource Hash
b4e430ab7b2405f6bc883baf550a035edc912aa51f0ac061e5faa78b873fff12

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rudrasharmau.github.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date
Tue, 22 Aug 2023 13:49:31 GMT
x-obs-id-2
32AAAQAAEAABAAAQAAEAABAAAQAAEAABCS+8UdaNYN7VpKMRnAv0snwCphTiauEJ
Last-Modified
Thu, 04 Aug 2022 12:38:43 GMT
Server
OBS
ETag
"8831569bce8ed34e68b8ada692b683dd"
Content-Type
image/png
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=3600
x-obs-request-id
00000189E3C345F4901E299747C931E6
x-reserved-indicator
372
Connection
keep-alive
Accept-Ranges
bytes
Alt-Svc
h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Content-Length
8502
all.min.css | cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.3/css/ | 58 KB | 11 KB | Stylesheet
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.3/css/all.min.css
Requested by
Host: rudrasharmau.github.io
URL: https://rudrasharmau.github.io/RG-GAMING/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d87ddf917b7a1449ab45e2b8e3c98354629bdd65b6659c37e6023bbea1ce1386
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rudrasharmau.github.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 13:49:31 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
500363
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
10482
last-modified
Tue, 01 Aug 2023 16:35:37 GMT
server
cloudflare
cf-cdnjs-via
cfworker/r2
etag
"64c93459-28f2"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NYPdaRq8Kwk08M%2FDjyASZY7IjMvYoEQj7CHk9KpjlSjdHGnlAt1o%2Fv8UybWqbcnepCOL0%2FfYj7e2kiaHjlz8oOtN1D2CWR0SOO7ayFg9ZUNKAEmZUXTRFZyWJ6opusM4K3mMbuDHs0M8QvRPIts5AxMa"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7fab9461de822303-ORD
expires
Sun, 11 Aug 2024 13:49:31 GMT
iphoneX.css | rudrasharmau.github.io/RG-GAMING/ | 2 KB | 934 B | Stylesheet
General
Full URL
https://rudrasharmau.github.io/RG-GAMING/iphoneX.css
Requested by
Host: rudrasharmau.github.io
URL: https://rudrasharmau.github.io/RG-GAMING/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:50c0:8002::153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
GitHub.com /
Resource Hash
cda3f52d7053b326e296cf510170280b469e876800b835c9045ec6ca78495216
Security Headers
Name Value
Strict-Transport-Security max-age=31556952

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rudrasharmau.github.io/RG-GAMING/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-fastly-request-id
d3b44c0e2d7d8438daa454272080955ac3579fd5
strict-transport-security
max-age=31556952
content-encoding
gzip
via
1.1 varnish
date
Tue, 22 Aug 2023 13:49:31 GMT
age
0
x-cache
MISS
x-cache-hits
0
x-proxy-cache
MISS
content-length
775
x-served-by
cache-chi-klot8100175-CHI
last-modified
Fri, 23 Sep 2022 14:39:15 GMT
server
GitHub.com
x-github-request-id
AD94:2143:2BA3BC4:3C2A90B:64E4BCEB
x-timer
S1692712172.760027,VS0,VE29
etag
W/"632dc513-9b2"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=600
permissions-policy
interest-cohort=()
accept-ranges
bytes
x-origin-cache
HIT
expires
Tue, 22 Aug 2023 13:59:31 GMT
invoke.js | www.highperformancedformats.com/be9848296acb6750c39e178166abe593/ | 0 | 0 | Script
General
Full URL
https://www.highperformancedformats.com/be9848296acb6750c39e178166abe593/invoke.js
Requested by
Host: rudrasharmau.github.io
URL: https://rudrasharmau.github.io/RG-GAMING/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.243.59.20 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.19.5 /
Resource Hash

Request headers

Referer
https://rudrasharmau.github.io/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Date
Tue, 22 Aug 2023 13:49:33 GMT
Server
nginx/1.19.5
Accept-CH
Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin
*
Content-Type
application/javascript
Connection
keep-alive
Content-Length
0
earth.png | freefiremobile-a.akamaihd.net/ffwebsite/images/ | 1 KB | 2 KB | Image
General
Full URL
https://freefiremobile-a.akamaihd.net/ffwebsite/images/earth.png
Requested by
Host: rudrasharmau.github.io
URL: https://rudrasharmau.github.io/RG-GAMING/index.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.29.143.171 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a184-29-143-171.deploy.static.akamaitechnologies.com
Software
OBS /
Resource Hash
2e494269109a9bef221ce16feb844f0ae67f5491a5278a034caf5cc2bd6889bb

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rudrasharmau.github.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date
Tue, 22 Aug 2023 13:49:34 GMT
x-obs-id-2
32AAAQAAEAABAAAQAAEAABAAAQAAEAABCS/0vzxxEbk9tuXFd7G/aNm4mMR65jIK
Last-Modified
Thu, 04 Aug 2022 12:38:43 GMT
Server
OBS
ETag
"3a1858f745a25033d42e32c7a9dbcc32"
Content-Type
image/png
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=3600
x-obs-request-id
0000018A1D8202DF994EE6F079D7EDBA
x-reserved-indicator
372
Connection
keep-alive
Accept-Ranges
bytes
Alt-Svc
h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Content-Length
1358

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Generic Gaming (Entertainment)

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object: documentPictureInPicture
object: atOptions
function: hide

1 Cookies

Domain/Path | Name | Value
.esports.net/ | __cf_bm | 8wF95peFKWRXSXnCiEz3V0sBFAnxmgSiSlMH5JX167s-1692712171-0-AWG6sVesadhhhv0FIBRkrxzdCATmRW6J8GsW21I4ioLJUgDi7IDAlAw4dLqkvo6QCwMjfatgnaeOJhT05I/2jdY=

4 Console Messages

Source | Level | URL | Text
security | warning | (none) | Error with Permissions-Policy header: Origin trial controlled feature not enabled: 'interest-cohort'.
javascript | warning | https://rudrasharmau.github.io/RG-GAMING/ (Line 74) | A parser-blocking, cross site (i.e. different eTLD+1) script, https://www.highperformancedformats.com/be9848296acb6750c39e178166abe593/invoke.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript | warning | https://rudrasharmau.github.io/RG-GAMING/ (Line 74) | A parser-blocking, cross site (i.e. different eTLD+1) script, https://www.highperformancedformats.com/be9848296acb6750c39e178166abe593/invoke.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
network | error | https://www.highperformancedformats.com/be9848296acb6750c39e178166abe593/invoke.js | Failed to load resource: the server responded with a status of 403 (Forbidden)

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31556952

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
