urlscan.io logo urlscan.io
SecurityTrails logo

2dgalgame.com Open in urlscan Pro
2606:4700:3034::ac43:d1e6  Malicious Activity! Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://2dgalgame.com/wp-content/plugins/page/
Effective URL: https://2dgalgame.com/wp-content/plugins/page/verify/token.php?_encoding=UTF8&563b26e53f924565be3cdd695fb43b7c&ignoreA...
Submission: On January 12 via manual from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 8 IPs in 4 countries across 7 domains to perform 11 HTTP transactions. The main IP is 2606:4700:3034::ac43:d1e6, located in United States and belongs to CLOUDFLARENET, US. The main domain is 2dgalgame.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on September 30th 2020. Valid for: a year.
This is the only time 2dgalgame.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Fake Adobe Update

Domain & IP information

3    2606:4700:3034::ac43:d1e6 (United States)

ASN13335 (CLOUDFLARENET, US)
2dgalgame.com
1    2001:4de0:ac19::1:b:1a (Netherlands)

ASN20446 (HIGHWINDS3, US)
maxcdn.bootstrapcdn.com
1    2a02:26f0:6c00::210:ba49 (Ascension Island)

ASN20940 (AKAMAI-ASN1, NL)
www.adobe.com
1    2a00:1450:4001:825::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
2    2a00:1450:4001:800::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    151.101.12.193 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
i.imgur.com
1    2a00:1450:4001:81f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
1    2a00:1450:4001:817::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
Domain Requested by
3 www.google.com 2dgalgame.com
www.gstatic.com
3 2dgalgame.com 2dgalgame.com
1 www.gstatic.com www.google.com
1 i.imgur.com 2dgalgame.com
1 ajax.googleapis.com 2dgalgame.com
1 www.adobe.com 2dgalgame.com
1 maxcdn.bootstrapcdn.com 2dgalgame.com
11 7

This site contains no links.

Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2020-09-30 -
2021-09-30		 a year crt.sh
*.bootstrapcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2020-09-22 -
2021-10-12		 a year crt.sh
*.adobe.com
DigiCert SHA2 Secure Server CA		 2019-11-22 -
2021-02-20		 a year crt.sh
upload.video.google.com
GTS CA 1O1		 2020-12-15 -
2021-03-09		 3 months crt.sh
*.google.com
GTS CA 1O1		 2020-12-15 -
2021-03-09		 3 months crt.sh
*.imgur.com
DigiCert SHA2 Secure Server CA		 2020-01-15 -
2022-03-16		 2 years crt.sh
*.gstatic.com
GTS CA 1O1		 2020-12-15 -
2021-03-09		 3 months crt.sh
www.google.com
GTS CA 1O1		 2020-12-15 -
2021-03-09		 3 months crt.sh

This page contains 3 frames:

Primary Page: https://2dgalgame.com/wp-content/plugins/page/verify/token.php?_encoding=UTF8&563b26e53f924565be3cdd695fb43b7c&ignoreAuthState=1&openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=1.0&openid.pape.max_auth_age=
Frame ID: 06D922805AE11C4165630E2761CB1909
Requests: 9 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeHGOYUAAAAAAhc9QMY1NuncTFjuzcglsFjxrII&co=aHR0cHM6Ly8yZGdhbGdhbWUuY29tOjQ0Mw..&hl=en&v=qc5B-qjP0QEimFYUxcpWJy5B&size=normal&cb=1mzcg0pqzh9m
Frame ID: D01D3CB6A5F5F981E23A6A1C2FD5EFFE
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=en&v=qc5B-qjP0QEimFYUxcpWJy5B&k=6LeHGOYUAAAAAAhc9QMY1NuncTFjuzcglsFjxrII&cb=qepgagjuicuu
Frame ID: 628B173E4CD0C31F903F27C2879F2F20
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://2dgalgame.com/wp-content/plugins/page/ Page URL
  2. https://2dgalgame.com/wp-content/plugins/page/verify/token.php?_encoding=UTF8&563b26e53f924565be3c... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /^cloudflare$/i

Page Statistics

11
Requests

100 %
HTTPS

88 %
IPv6

7
Domains

7
Subdomains

8
IPs

4
Countries

223 kB
Transfer

509 kB
Size

0
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://2dgalgame.com/wp-content/plugins/page/ Page URL
  2. https://2dgalgame.com/wp-content/plugins/page/verify/token.php?_encoding=UTF8&563b26e53f924565be3cdd695fb43b7c&ignoreAuthState=1&openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=1.0&openid.pape.max_auth_age= Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

11 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
2dgalgame.com/wp-content/plugins/page/ 		281 B
792 B 		Document
General
Check archive.org
Download Go to
Full URL
https://2dgalgame.com/wp-content/plugins/page/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:d1e6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
de2e34349d5136edfcd3927b0dff3e6e78b0e405ace7a97bc880460249272a79

Request headers

:method
GET
:authority
2dgalgame.com
:scheme
https
:path
/wp-content/plugins/page/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 12 Jan 2021 15:22:49 GMT
content-type
text/html; charset=UTF-8
set-cookie
__cfduid=df1b3a47d72ef45ccdec88a78dd336f4c1610464967; expires=Thu, 11-Feb-21 15:22:47 GMT; path=/; domain=.2dgalgame.com; HttpOnly; SameSite=Lax
vary
Accept-Encoding
cf-cache-status
DYNAMIC
cf-request-id
0798ca550700001766331c3000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=YkFvLvbzhquxfDGfvITdnqb5WYo%2FILh9nanwJ1Qnqd6zMXq0h1lI5JZ6ty7CdqaBT%2FdKETlIcGxbn8uzjV%2B49LUDQ4VcBegNZGRewOYzlIZuoKEMQeDb8pzR"}],"group":"cf-nel","max_age":604800}
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6107e001aad61766-FRA
content-encoding
br
Primary Request token.php
2dgalgame.com/wp-content/plugins/page/verify/ 		4 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://2dgalgame.com/wp-content/plugins/page/verify/token.php?_encoding=UTF8&563b26e53f924565be3cdd695fb43b7c&ignoreAuthState=1&openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=1.0&openid.pape.max_auth_age=
Requested by
Host: 2dgalgame.com
URL: https://2dgalgame.com/wp-content/plugins/page/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:d1e6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e0fb22ea5beacc0837a565f3ec656e2db14e4f6cad143e688c90719c4f5584c7

Request headers

:method
GET
:authority
2dgalgame.com
:scheme
https
:path
/wp-content/plugins/page/verify/token.php?_encoding=UTF8&563b26e53f924565be3cdd695fb43b7c&ignoreAuthState=1&openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=1.0&openid.pape.max_auth_age=
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
document
referer
https://2dgalgame.com/wp-content/plugins/page/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
__cfduid=df1b3a47d72ef45ccdec88a78dd336f4c1610464967
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://2dgalgame.com/wp-content/plugins/page/

Response headers

date
Tue, 12 Jan 2021 15:22:51 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
cf-cache-status
DYNAMIC
cf-request-id
0798ca5c280000176639a19000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=rYoTdqUVhGdQWvqxlWVA1myWLh4us6GEVoU7OVImxjlcsdX7zpC95EN%2FoklBHylDpgHVwBdhbZPq7TtvXRmgL6JkyidjJOvf7DMl3dy8IN6YOKzFy5FsVZxj"}],"group":"cf-nel","max_age":604800}
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6107e00d0c441766-FRA
content-encoding
br
font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/ 		30 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Requested by
Host: 2dgalgame.com
URL: https://2dgalgame.com/wp-content/plugins/page/verify/token.php?_encoding=UTF8&563b26e53f924565be3cdd695fb43b7c&ignoreAuthState=1&openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=1.0&openid.pape.max_auth_age=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac19::1:b:1a , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://2dgalgame.com/wp-content/plugins/page/verify/token.php?_encoding=UTF8&563b26e53f924565be3cdd695fb43b7c&ignoreAuthState=1&openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=1.0&openid.pape.max_auth_age=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 12 Jan 2021 15:22:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 12 Dec 2018 18:35:20 GMT
etag
"1544639720"
vary
Accept-Encoding
x-cache
HIT
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
7050
style.css
2dgalgame.com/wp-content/plugins/page/assets/ 		6 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://2dgalgame.com/wp-content/plugins/page/assets/style.css
Requested by
Host: 2dgalgame.com
URL: https://2dgalgame.com/wp-content/plugins/page/verify/token.php?_encoding=UTF8&563b26e53f924565be3cdd695fb43b7c&ignoreAuthState=1&openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=1.0&openid.pape.max_auth_age=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:d1e6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5fb0d1b2657af304862d9e587ba0249b8887546dbd786f7ef6dc615ea04f9c95

Request headers

Referer
https://2dgalgame.com/wp-content/plugins/page/verify/token.php?_encoding=UTF8&563b26e53f924565be3cdd695fb43b7c&ignoreAuthState=1&openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=1.0&openid.pape.max_auth_age=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 12 Jan 2021 15:22:52 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Thu, 07 Jan 2021 21:42:52 GMT
server
cloudflare
etag
W/"5ff7805c-1678"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=R%2FFZ5Z75J8fcr2FsCvsNrepX57nmCoueAnUSL7dJ5d3jF1nacUUwkPop%2FSpJO7GYnCUWurGHSPNJRCAp%2BxALoTb%2BDPzBXCY9gPh6w506mpW%2BeY%2FqnDjajrOg"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=43200
nel
{"report_to":"cf-nel","max_age":604800}
cf-ray
6107e0181d131766-FRA
cf-request-id
0798ca631000001766071f7000000001
expires
Wed, 13 Jan 2021 03:22:52 GMT
adobe-A.svg
www.adobe.com/content/dam/cc/icons/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.adobe.com/content/dam/cc/icons/adobe-A.svg
Requested by
Host: 2dgalgame.com
URL: https://2dgalgame.com/wp-content/plugins/page/verify/token.php?_encoding=UTF8&563b26e53f924565be3cdd695fb43b7c&ignoreAuthState=1&openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=1.0&openid.pape.max_auth_age=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba49 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Apache /
Resource Hash
c092b596de62a50cd02cdd7a580c9a9de1fa84e7e5fbdc91db4515c90d0a9845
Security Headers
Name Value
Strict-Transport-Security max-age=86400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://2dgalgame.com/wp-content/plugins/page/verify/token.php?_encoding=UTF8&563b26e53f924565be3cdd695fb43b7c&ignoreAuthState=1&openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=1.0&openid.pape.max_auth_age=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=86400
content-encoding
gzip
x-content-type-options
nosniff
x-adobe-source
128.61
content-length
830
last-modified
Mon, 11 Jan 2021 05:44:44 GMT
server
Apache
x-adobe-loc
ew1
x-frame-options
SAMEORIGIN
date
Tue, 12 Jan 2021 15:22:51 GMT
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=21600
x-adobe-content
AEM-cc
accept-ranges
bytes
expires
Tue, 12 Jan 2021 21:22:51 GMT
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.4.1/ 		86 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.4.1/jquery.min.js
Requested by
Host: 2dgalgame.com
URL: https://2dgalgame.com/wp-content/plugins/page/verify/token.php?_encoding=UTF8&563b26e53f924565be3cdd695fb43b7c&ignoreAuthState=1&openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=1.0&openid.pape.max_auth_age=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:825::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://2dgalgame.com/wp-content/plugins/page/verify/token.php?_encoding=UTF8&563b26e53f924565be3cdd695fb43b7c&ignoreAuthState=1&openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=1.0&openid.pape.max_auth_age=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 12 Jan 2021 06:30:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
31967
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30774
x-xss-protection
0
last-modified
Mon, 13 May 2019 14:37:17 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 12 Jan 2022 06:30:04 GMT
api.js
www.google.com/recaptcha/ 		850 B
949 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api.js
Requested by
Host: 2dgalgame.com
URL: https://2dgalgame.com/wp-content/plugins/page/verify/token.php?_encoding=UTF8&563b26e53f924565be3cdd695fb43b7c&ignoreAuthState=1&openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=1.0&openid.pape.max_auth_age=
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
c04cbfe21e23ceb866fae28e981a17dfe9ce6cb178943dda6f11a495255ec137
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://2dgalgame.com/wp-content/plugins/page/verify/token.php?_encoding=UTF8&563b26e53f924565be3cdd695fb43b7c&ignoreAuthState=1&openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=1.0&openid.pape.max_auth_age=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 12 Jan 2021 15:22:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
content-security-policy
frame-ancestors 'self'
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
554
x-xss-protection
1; mode=block
expires
Tue, 12 Jan 2021 15:22:51 GMT
qLcPmYb.jpg
i.imgur.com/ 		48 KB
48 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.imgur.com/qLcPmYb.jpg
Requested by
Host: 2dgalgame.com
URL: https://2dgalgame.com/wp-content/plugins/page/assets/style.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.12.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
cat factory 1.0 /
Resource Hash
180f3bc8288f8f33b56133542536937dadecc33ceb27fcba770739061a4f5f80
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://2dgalgame.com/wp-content/plugins/page/assets/style.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 12 Jan 2021 15:22:52 GMT
x-content-type-options
nosniff
age
1320054
x-cache
HIT, HIT
content-length
48843
x-served-by
cache-bwi5135-BWI, cache-fra19130-FRA
last-modified
Sat, 29 Dec 2018 09:03:04 GMT
server
cat factory 1.0
x-timer
S1610464972.365480,VS0,VE1
etag
"47eb410e11eb45bef6391d125b3dec31"
access-control-allow-methods
GET, OPTIONS
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-cache-hits
1, 1
recaptcha__en.js
www.gstatic.com/recaptcha/releases/qc5B-qjP0QEimFYUxcpWJy5B/ 		334 KB
131 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/qc5B-qjP0QEimFYUxcpWJy5B/recaptcha__en.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fb3b275e8321c2c87095a4f4f0fd89fbbbdbe07e6fd5191c4c8ccabfc21692fb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://2dgalgame.com
Referer
https://2dgalgame.com/wp-content/plugins/page/verify/token.php?_encoding=UTF8&563b26e53f924565be3cdd695fb43b7c&ignoreAuthState=1&openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=1.0&openid.pape.max_auth_age=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 12 Jan 2021 14:15:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
4069
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
133916
x-xss-protection
0
last-modified
Sun, 06 Dec 2020 23:05:51 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 12 Jan 2022 14:15:03 GMT
anchor
www.google.com/recaptcha/api2/ Frame D01D 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeHGOYUAAAAAAhc9QMY1NuncTFjuzcglsFjxrII&co=aHR0cHM6Ly8yZGdhbGdhbWUuY29tOjQ0Mw..&hl=en&v=qc5B-qjP0QEimFYUxcpWJy5B&size=normal&cb=1mzcg0pqzh9m
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/qc5B-qjP0QEimFYUxcpWJy5B/recaptcha__en.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:817::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-b6TMNVhawCpxDBE8MyYcUw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.google.com
:scheme
https
:path
/recaptcha/api2/anchor?ar=1&k=6LeHGOYUAAAAAAhc9QMY1NuncTFjuzcglsFjxrII&co=aHR0cHM6Ly8yZGdhbGdhbWUuY29tOjQ0Mw..&hl=en&v=qc5B-qjP0QEimFYUxcpWJy5B&size=normal&cb=1mzcg0pqzh9m
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://2dgalgame.com/wp-content/plugins/page/verify/token.php?_encoding=UTF8&563b26e53f924565be3cdd695fb43b7c&ignoreAuthState=1&openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=1.0&openid.pape.max_auth_age=
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://2dgalgame.com/wp-content/plugins/page/verify/token.php?_encoding=UTF8&563b26e53f924565be3cdd695fb43b7c&ignoreAuthState=1&openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=1.0&openid.pape.max_auth_age=

Response headers

content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Tue, 12 Jan 2021 15:22:52 GMT
content-security-policy
script-src 'report-sample' 'nonce-b6TMNVhawCpxDBE8MyYcUw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
11513
server
GSE
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
bframe
www.google.com/recaptcha/api2/ Frame 628B 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/bframe?hl=en&v=qc5B-qjP0QEimFYUxcpWJy5B&k=6LeHGOYUAAAAAAhc9QMY1NuncTFjuzcglsFjxrII&cb=qepgagjuicuu
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/qc5B-qjP0QEimFYUxcpWJy5B/recaptcha__en.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-VGd1axWVMKPmcZD7RgRykw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.google.com
:scheme
https
:path
/recaptcha/api2/bframe?hl=en&v=qc5B-qjP0QEimFYUxcpWJy5B&k=6LeHGOYUAAAAAAhc9QMY1NuncTFjuzcglsFjxrII&cb=qepgagjuicuu
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://2dgalgame.com/wp-content/plugins/page/verify/token.php?_encoding=UTF8&563b26e53f924565be3cdd695fb43b7c&ignoreAuthState=1&openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=1.0&openid.pape.max_auth_age=
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://2dgalgame.com/wp-content/plugins/page/verify/token.php?_encoding=UTF8&563b26e53f924565be3cdd695fb43b7c&ignoreAuthState=1&openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=1.0&openid.pape.max_auth_age=

Response headers

content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Tue, 12 Jan 2021 15:22:52 GMT
content-security-policy
script-src 'report-sample' 'nonce-VGd1axWVMKPmcZD7RgRykw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
1124
server
GSE
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Fake Adobe Update

20 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated function| $ function| jQuery object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client object| recaptcha object| closure_lm_134855

0 Cookies