eventgarena-freefire-claimnow.gq
Open in
urlscan Pro
5.189.183.39
Malicious Activity!
Public Scan
Effective URL: http://eventgarena-freefire-claimnow.gq/collect.php?season-25
Submission: On December 07 via manual from GB
Summary
This is the only time eventgarena-freefire-claimnow.gq was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Facebook (Social Network)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
16 | 5.189.183.39 5.189.183.39 | 51167 (CONTABO) (CONTABO) | |
2 | 209.197.3.15 209.197.3.15 | 20446 (HIGHWINDS3) (HIGHWINDS3) | |
1 | 2a00:1450:400... 2a00:1450:4001:803::200a | 15169 (GOOGLE) (GOOGLE) | |
1 | 2a00:f48:2000... 2a00:f48:2000:1023::3 | 47447 (TTM) (TTM) | |
1 | 2a00:1450:400... 2a00:1450:4001:820::200a | 15169 (GOOGLE) (GOOGLE) | |
1 | 45.13.133.241 45.13.133.241 | 47583 (AS-HOSTINGER) (AS-HOSTINGER) | |
5 | 2a00:1450:400... 2a00:1450:4001:819::2003 | 15169 (GOOGLE) (GOOGLE) | |
1 | 2001:4de0:ac1... 2001:4de0:ac19::1:b:1b | 20446 (HIGHWINDS3) (HIGHWINDS3) | |
28 | 8 |
ASN51167 (CONTABO, DE)
PTR: vmi475119.contaboserver.net
eventgarena-freefire-claimnow.gq |
ASN20446 (HIGHWINDS3, US)
PTR: vip0x00f.map2.ssl.hwcdn.net
stackpath.bootstrapcdn.com | |
maxcdn.bootstrapcdn.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
16 |
eventgarena-freefire-claimnow.gq
eventgarena-freefire-claimnow.gq |
781 KB |
5 |
gstatic.com
fonts.gstatic.com |
42 KB |
3 |
bootstrapcdn.com
stackpath.bootstrapcdn.com maxcdn.bootstrapcdn.com |
92 KB |
2 |
googleapis.com
ajax.googleapis.com fonts.googleapis.com |
30 KB |
1 |
oketekno.com
oketekno.com |
620 KB |
1 |
rawgit.com
cdn.rawgit.com |
6 KB |
28 | 6 |
Domain | Requested by | |
---|---|---|
16 | eventgarena-freefire-claimnow.gq |
eventgarena-freefire-claimnow.gq
|
5 | fonts.gstatic.com |
fonts.googleapis.com
|
2 | stackpath.bootstrapcdn.com |
eventgarena-freefire-claimnow.gq
stackpath.bootstrapcdn.com |
1 | oketekno.com |
eventgarena-freefire-claimnow.gq
|
1 | fonts.googleapis.com |
eventgarena-freefire-claimnow.gq
|
1 | cdn.rawgit.com |
eventgarena-freefire-claimnow.gq
|
1 | maxcdn.bootstrapcdn.com |
eventgarena-freefire-claimnow.gq
|
1 | ajax.googleapis.com |
eventgarena-freefire-claimnow.gq
|
28 | 8 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
*.bootstrapcdn.com Sectigo RSA Domain Validation Secure Server CA |
2020-09-22 - 2021-10-12 |
a year | crt.sh |
upload.video.google.com GTS CA 1O1 |
2020-11-03 - 2021-01-26 |
3 months | crt.sh |
cdn.rawgit.com ZeroSSL RSA Domain Secure Site CA |
2020-11-18 - 2021-02-16 |
3 months | crt.sh |
oketekno.com Sectigo RSA Domain Validation Secure Server CA |
2020-05-01 - 2021-05-02 |
a year | crt.sh |
*.gstatic.com GTS CA 1O1 |
2020-11-03 - 2021-01-26 |
3 months | crt.sh |
This page contains 1 frames:
Primary Page:
http://eventgarena-freefire-claimnow.gq/collect.php?season-25
Frame ID: 164FEE821AD00A887A458E8539C34616
Requests: 28 HTTP requests in this frame
Screenshot
Page URL History Show full URLs
- http://eventgarena-freefire-claimnow.gq/ Page URL
- http://eventgarena-freefire-claimnow.gq/collect.php?season-25 Page URL
Detected technologies
Bootstrap (Web Frameworks) ExpandDetected patterns
- script /(?:\/([\d.]+))?(?:\/js)?\/bootstrap(?:\.min)?\.js/i
LiteSpeed (Web Servers) Expand
Detected patterns
- headers server /^LiteSpeed$/i
Font Awesome (Font Scripts) Expand
Detected patterns
- html /<link[^>]* href=[^>]+(?:([\d.]+)\/)?(?:css\/)?font-awesome(?:\.min)?\.css/i
jQuery (JavaScript Libraries) Expand
Detected patterns
- script /\/([\d.]+)\/jquery(?:\.min)?\.js/i
- script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- http://eventgarena-freefire-claimnow.gq/ Page URL
- http://eventgarena-freefire-claimnow.gq/collect.php?season-25 Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
28 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
/
eventgarena-freefire-claimnow.gq/ |
110 B 320 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Primary Request
collect.php
eventgarena-freefire-claimnow.gq/ |
9 KB 3 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
style.css
eventgarena-freefire-claimnow.gq/css/ |
10 KB 3 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
font-awesome.min.css
stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/ |
30 KB 7 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/2.1.3/ |
82 KB 29 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bootstrap.min.js
maxcdn.bootstrapcdn.com/bootstrap/3.3.5/js/ |
36 KB 10 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
freefire.png
eventgarena-freefire-claimnow.gq/img/logo/ |
42 KB 42 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
btn_delete.png
eventgarena-freefire-claimnow.gq/img/bg/ |
221 B 513 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
fb.png
eventgarena-freefire-claimnow.gq/img/login-popup/ |
30 KB 30 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
sc-cupid.jpg
eventgarena-freefire-claimnow.gq/img/sc/ |
430 KB 430 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
alok.jpg
eventgarena-freefire-claimnow.gq/img/sc/ |
19 KB 19 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
titan.jpg
eventgarena-freefire-claimnow.gq/img/sc/ |
17 KB 17 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
sg.jpg
eventgarena-freefire-claimnow.gq/img/sc/ |
45 KB 45 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
v5.jpg
eventgarena-freefire-claimnow.gq/img/sc/ |
45 KB 45 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
v6.jpg
eventgarena-freefire-claimnow.gq/img/sc/ |
33 KB 33 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
epas1.jpg
eventgarena-freefire-claimnow.gq/img/sc/ |
31 KB 31 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
epas2.jpg
eventgarena-freefire-claimnow.gq/img/sc/ |
35 KB 36 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
epas3.jpg
eventgarena-freefire-claimnow.gq/img/sc/ |
31 KB 31 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
garena-logo.png
eventgarena-freefire-claimnow.gq/img/logo/ |
14 KB 14 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
efek-salju.js
cdn.rawgit.com/bungfrangki/efeksalju/2a7805c7/ |
16 KB 6 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css
fonts.googleapis.com/ |
11 KB 1001 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Redeem-Free-Fire-Code.png
oketekno.com/wp-content/uploads/2018/09/ |
619 KB 620 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
LYjCdG7kmE0gdQhfsCRgqHAtXN8.woff2
fonts.gstatic.com/s/teko/v10/ |
6 KB 6 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
LYjNdG7kmE0gfaN9pQlCpVo.woff2
fonts.gstatic.com/s/teko/v10/ |
7 KB 7 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
fontawesome-webfont.woff2
stackpath.bootstrapcdn.com/font-awesome/4.7.0/fonts/ |
75 KB 75 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
LYjCdG7kmE0gdVBesCRgqHAtXN8.woff2
fonts.gstatic.com/s/teko/v10/ |
7 KB 7 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v20/ |
11 KB 11 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ |
11 KB 11 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Facebook (Social Network)10 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| trustedTypes boolean| crossOriginIsolated function| $ function| jQuery function| mousedwn object| snowStorm function| SnowStorm0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
ajax.googleapis.com
cdn.rawgit.com
eventgarena-freefire-claimnow.gq
fonts.googleapis.com
fonts.gstatic.com
maxcdn.bootstrapcdn.com
oketekno.com
stackpath.bootstrapcdn.com
2001:4de0:ac19::1:b:1b
209.197.3.15
2a00:1450:4001:803::200a
2a00:1450:4001:819::2003
2a00:1450:4001:820::200a
2a00:f48:2000:1023::3
45.13.133.241
5.189.183.39
0677c8c691151d0b2de6a6f75372296cd3c918a9901767e5aa070f55a22d110c
0d9fd7ccabde9b202de45ee6b65878ce9594975d8e8810b0878d3f3fa3637d0e
0f7b880f9ac112bc3a7ad75e8eb84fb59bf570883cd2148046ec7ea0d0fa7df0
223b77b83f36bbb35ab758436d78c26f3a86b6bef7e5d685b4dc5518239988f6
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2f5ed77faf29839c9d46e57e4b4a39b84edc143818579a7e0db1f61f9c58f084
4a4de7903ea62d330e17410ea4db6c22bcbeb350ac6aa402d6b54b4c0cbed327
4d8e2a43c8edf7bf05a37c4d4d884e6dd45491b01b5ffec0b32c484d8e97f577
50be7c111edafd117181816a82b2fd78f90699d84af8872ac7aaccb2d3bcf36b
593a0767e6c25e3463cfbcd988ad2b40780ead5483bf39f4ed268c362cbbf1f6
5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7fe3669004075e54d014ed35a9aa83bad333abb37b7c90f2ab52ef6b26db314b
8af93bd675e1cfd9ecc850e862819fdac6e3ad1f5d761f970e409c7d9c63bdc3
9410c7c6116036bb7932ba608f4af768edd7e60dafc369f2a1ab88ea884a460a
a50d0e7109c6c415d7c6c2ea5d18dcbb6b1c0ce7d9cb91b0f7756de317fb4004
b0a9c064c81aaefc80b9ef48a962d07e56fc0ef6f96732b2180944a7c63d746b
b8962a0b955eaea01a202afa848afb9bdf9b644492132aaa8f7b9f80349d458b
bd841547143e8efee6ecb6bb37466e8cff3d3794060ceab3550d35529218d062
d098d87da399fb8a4fdf8f7b65043d221d7073de25064a5085cf62325b82988c
d2c56dafacf424a7fdd905d4925b2bf3e3d40f55031a77cbc59c213855b0c4c1
d64b7632c82fb8ac69e03d3a1e9f7af5e4da14ae56cfd916b48d756afe484713
d7b6532d41f64f8c0da394469aa453616430a436158edeb19e3a4ebe5c18208b
e5843c1c13f4693b9c325451314a807de8287ee46c1636e943a2f99f68a596a8
e67e12836a5fcdd65d630a0deea7ae050e3248276f801d5f1dc320d9f8a5a0a9
f0b08ec2ed6df859ab95e65dc99a38009f09f4567b8697ba764a09242272698f
f58c74f74dd78db18bb7e00a71c39762c739e3abc44d928d7f9ed2a71dbab1d5