sso-garena-kiemtravipham.com Open in urlscan Pro
104.21.59.236 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://sso-garena-kiemtravipham.com/
Submission: On October 12 via manual (October 12th 2021, 2:23:41 am UTC) from VN — Scanned from DE

Summary HTTP 22 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 1 IPs in 1 countries across 1 domains to perform 22 HTTP transactions. The main IP is 104.21.59.236, located in and belongs to CLOUDFLARENET, US. The main domain is sso-garena-kiemtravipham.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on October 9th 2021. Valid for: a year.

This is the only time sso-garena-kiemtravipham.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Garena Free Fire (Gaming)

Domain & IP information

	IP Address		AS Autonomous System
22	104.21.59.236 104.21.59.236		13335 (CLOUDFLAR...) (CLOUDFLARENET)
22	1

22 104.21.59.236 (None, )

ASN13335 (CLOUDFLARENET, US)

sso-garena-kiemtravipham.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
22	sso-garena-kiemtravipham.com sso-garena-kiemtravipham.com	168 KB
22	1

	Domain	Requested by
22	sso-garena-kiemtravipham.com	sso-garena-kiemtravipham.com
22	1

This site contains links to these domains. Also see Links.

Domain
platform.garena.vn

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-10-09` - `2022-10-08`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://sso-garena-kiemtravipham.com/
Frame ID: AF2C05CA6CCE8450B8AA573206C253AD
Requests: 22 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Garena Account Center

Detected technologies

Mautic (Marketing Automation) Expand

Overall confidence: 100%
Detected patterns

[^a-z]mtc.*\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

22
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

168 kB
Transfer

551 kB
Size

1
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: http://platform.garena.vn/register/

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

22 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response sso-garena-kiemtravipham.com/	4 KB 2 KB	678ms 651ms	Document text/html	104.21.59.236 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://sso-garena-kiemtravipham.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.21.59.236 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PHP/7.3.20 Resource Hash `cb30ab241389ab6402ae35342a72a9fef132b1568164b82623d011761247c780` Request headers :method GET :authority sso-garena-kiemtravipham.com :scheme https :path / pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 accept-language de-DE,de;q=0.9 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site none sec-fetch-mode navigate sec-fetch-user ?1 sec-fetch-dest document accept-encoding gzip, deflate, br Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Accept-Language de-DE,de;q=0.9 Response headers date Tue, 12 Oct 2021 02:23:36 GMT content-type text/html; charset=UTF-8 x-powered-by PHP/7.3.20 vary Accept-Encoding,User-Agent cf-cache-status DYNAMIC expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cmlj325LYX9DzIaQ%2FgBRoE2xdtBGO%2FFNSXrbVJV0Wu7XewPQabMpe9NRZLfCneBlZRNynEQTNWCAMO5cdJASYNqzkdbqXeAfG2t7hL%2FhnjoIbrTU0EPDwol2yN%2B1tnAtm74V%2FWqKhH2W5b9aX74B"}],"group":"cf-nel","max_age":604800} nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare cf-ray 69ccddfa9f1b0614-FRA content-encoding br alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
GET H2	200	sso.css sso-garena-kiemtravipham.com/css/	32 KB 6 KB	20ms 15ms	Stylesheet text/css	104.21.59.236 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://sso-garena-kiemtravipham.com/css/sso.css?v=0.54 Requested by Host: sso-garena-kiemtravipham.com URL: https://sso-garena-kiemtravipham.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.21.59.236 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `a2f461fe6a92b6c2d6098a91682b30de5f47a7082bab8d788db8d8bcccafe968` Request headers :path /css/sso.css?v=0.54 pragma no-cache accept-encoding gzip, deflate, br accept-language de-DE,de;q=0.9 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 sec-fetch-mode no-cors accept text/css,/;q=0.1 cache-control no-cache sec-fetch-dest style :authority sso-garena-kiemtravipham.com referer https://sso-garena-kiemtravipham.com/ :scheme https sec-fetch-site same-origin :method GET Accept-Language de-DE,de;q=0.9 Referer https://sso-garena-kiemtravipham.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Tue, 12 Oct 2021 02:23:36 GMT content-encoding br cf-cache-status HIT last-modified Tue, 17 Aug 2021 06:16:18 GMT server cloudflare age 3873 etag W/"611b5432-806b" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EtcpspDVl3StHr1Sxoa7t9L9Z4w5VgswRaCHHRP3jazGsZOpTa77wDsqX7hRpl7NFwDFOe%2Fjpt1QqjUqFrtwPIW8PeZYPNeEOYDNMxgVm6JqoShGozVk1%2FLeVinFPclXJQ5MnnFscmuKHFpa%2Fo5W"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 69ccddfedb140614-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
GET H2	200	jquery-1.10.2.min.js Show response sso-garena-kiemtravipham.com/js/	154 KB 40 KB	21ms 16ms	Script application/javascript	104.21.59.236 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://sso-garena-kiemtravipham.com/js/jquery-1.10.2.min.js Requested by Host: sso-garena-kiemtravipham.com URL: https://sso-garena-kiemtravipham.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.21.59.236 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `065491a7b4c33e25ccdf8c2867e5dfdfce3714d520d49505570b70ac984be141` Request headers :path /js/jquery-1.10.2.min.js pragma no-cache accept-encoding gzip, deflate, br accept-language de-DE,de;q=0.9 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 sec-fetch-mode no-cors accept / cache-control no-cache sec-fetch-dest script :authority sso-garena-kiemtravipham.com referer https://sso-garena-kiemtravipham.com/ :scheme https sec-fetch-site same-origin :method GET Accept-Language de-DE,de;q=0.9 Referer https://sso-garena-kiemtravipham.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Tue, 12 Oct 2021 02:23:36 GMT content-encoding br cf-cache-status HIT last-modified Tue, 17 Aug 2021 06:16:18 GMT server cloudflare age 3873 etag W/"611b5432-26966" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wZbWruWy4b9DRJ8JVngivO8Kl%2FD%2FdQb3Bp0Fl2ttkFprzf%2FoB2Vi6eyJTJXBsSRBBAv4ey9bZTRMCvvl189x1RCkpa%2Bpv13OaEb9eNep9gOCb58LI1K56FaXkii86MxgPnS8RQXVvzJ%2F2c%2F5utFQ"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 69ccddfedb150614-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
GET H2	200	crypto.js Show response sso-garena-kiemtravipham.com/js/	34 KB 8 KB	15ms 10ms	Script application/javascript	104.21.59.236 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://sso-garena-kiemtravipham.com/js/crypto.js?v=0.60 Requested by Host: sso-garena-kiemtravipham.com URL: https://sso-garena-kiemtravipham.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.21.59.236 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `b7cf39030baf4af2b410f172305dd58075a2ce10712fa201aa9061ffd941d994` Request headers :path /js/crypto.js?v=0.60 pragma no-cache accept-encoding gzip, deflate, br accept-language de-DE,de;q=0.9 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 sec-fetch-mode no-cors accept / cache-control no-cache sec-fetch-dest script :authority sso-garena-kiemtravipham.com referer https://sso-garena-kiemtravipham.com/ :scheme https sec-fetch-site same-origin :method GET Accept-Language de-DE,de;q=0.9 Referer https://sso-garena-kiemtravipham.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Tue, 12 Oct 2021 02:23:36 GMT content-encoding br cf-cache-status HIT last-modified Tue, 17 Aug 2021 06:16:18 GMT server cloudflare age 3873 etag W/"611b5432-89ba" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YlKzMsWKUuEgsD4qj6BatSpzt6q42K0FCxaIclA5iXvOfBdWBdiliZfwO9tH97Gb%2BlAV7uK%2FzTpZwCVsk8C7mjMNHel51iq8Vzr7ItLSBGoMdu7zK2xDWRXWuqUmcNYR8vsP6eDOZ45L%2FdEnk4rd"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 69ccddfedb160614-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
GET H2	200	countries.js Show response sso-garena-kiemtravipham.com/js/	23 KB 4 KB	17ms 12ms	Script application/javascript	104.21.59.236 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://sso-garena-kiemtravipham.com/js/countries.js?v=0.30 Requested by Host: sso-garena-kiemtravipham.com URL: https://sso-garena-kiemtravipham.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.21.59.236 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `59102315d6e08c70636de366d6b9549bc35e657e3087ecb88f5f427d35789d07` Request headers :path /js/countries.js?v=0.30 pragma no-cache accept-encoding gzip, deflate, br accept-language de-DE,de;q=0.9 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 sec-fetch-mode no-cors accept / cache-control no-cache sec-fetch-dest script :authority sso-garena-kiemtravipham.com referer https://sso-garena-kiemtravipham.com/ :scheme https sec-fetch-site same-origin :method GET Accept-Language de-DE,de;q=0.9 Referer https://sso-garena-kiemtravipham.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Tue, 12 Oct 2021 02:23:36 GMT content-encoding br cf-cache-status HIT last-modified Tue, 17 Aug 2021 06:16:18 GMT server cloudflare age 3873 etag W/"611b5432-5c9a" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EDag%2Bu6PPTvSR5DDtuSoNBKtJ5zJqGZQmQ%2BA83SoomI7M8Ryp7AVRcR4l4IE5Njx7Wa0psAij%2F6%2BnKC82%2BFcAVv%2B6h2CYOK5BAE7lFOmz%2BFPxk%2Fg2J%2FpxSHXeOpVy%2BwjyJXwEzJkvm24jNDXIsZ4"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 69ccddfedb190614-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
GET H2	200	locales.js Show response sso-garena-kiemtravipham.com/js/	1 KB 624 B	15ms 11ms	Script application/javascript	104.21.59.236 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://sso-garena-kiemtravipham.com/js/locales.js?v=0.03 Requested by Host: sso-garena-kiemtravipham.com URL: https://sso-garena-kiemtravipham.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.21.59.236 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `6e78560981a206cc4a79e6be42699895d3d61d27e28eb9122c1768c3dc9cee3e` Request headers :path /js/locales.js?v=0.03 pragma no-cache accept-encoding gzip, deflate, br accept-language de-DE,de;q=0.9 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 sec-fetch-mode no-cors accept / cache-control no-cache sec-fetch-dest script :authority sso-garena-kiemtravipham.com referer https://sso-garena-kiemtravipham.com/ :scheme https sec-fetch-site same-origin :method GET Accept-Language de-DE,de;q=0.9 Referer https://sso-garena-kiemtravipham.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Tue, 12 Oct 2021 02:23:36 GMT content-encoding br cf-cache-status HIT last-modified Tue, 17 Aug 2021 06:16:18 GMT server cloudflare age 3873 etag W/"611b5432-50e" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1gwQj0jBLX7bVhKjTaRJRoEnzjFB%2B4E9wjadcSXPTKRxByacIsLYt1QpiHFYIehp33OsNhFV%2F3ZA5TvQnoOPJPBBYlVWdp8LHAe0z%2F4XmoX5Xlv%2BXznJ8AUctQ3mIq7tcdTwwv2jgXBRKeW7TqTz"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 69ccddfedb1a0614-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
GET H2	200	vi.js Show response sso-garena-kiemtravipham.com/i18n/sso/	17 KB 5 KB	17ms 12ms	Script application/javascript	104.21.59.236 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://sso-garena-kiemtravipham.com/i18n/sso/vi.js?v=0.58 Requested by Host: sso-garena-kiemtravipham.com URL: https://sso-garena-kiemtravipham.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.21.59.236 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `6efdda04b018bb13c17428ba52521c0c5a090f49bc218c99c60e98a75a8d5e73` Request headers :path /i18n/sso/vi.js?v=0.58 pragma no-cache accept-encoding gzip, deflate, br accept-language de-DE,de;q=0.9 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 sec-fetch-mode no-cors accept / cache-control no-cache sec-fetch-dest script :authority sso-garena-kiemtravipham.com referer https://sso-garena-kiemtravipham.com/ :scheme https sec-fetch-site same-origin :method GET Accept-Language de-DE,de;q=0.9 Referer https://sso-garena-kiemtravipham.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Tue, 12 Oct 2021 02:23:36 GMT content-encoding br cf-cache-status HIT last-modified Tue, 17 Aug 2021 06:16:18 GMT server cloudflare age 3873 etag W/"611b5432-42c0" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rJmPsIeR7nB2mK8Bp%2B6y1rbu7hSnASEAfFuD7%2FBVW5%2FFCxsbg1aWHMi9o2mGxxKTvMS%2B3aXDikiWTd8OwsXCtW9EH9nABci3izRVfhbjsvIBk3iNm2DS8zKM8vJbIXD%2Bcps2OTYyPpZtlr84tqvT"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 69ccddfedb1b0614-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
GET H2	200	js.cookie.js Show response sso-garena-kiemtravipham.com/js/	5 KB 2 KB	15ms 11ms	Script application/javascript	104.21.59.236 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://sso-garena-kiemtravipham.com/js/js.cookie.js Requested by Host: sso-garena-kiemtravipham.com URL: https://sso-garena-kiemtravipham.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.21.59.236 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `86959c48e5128998d086f04b0afd8601f0859ab94d55c54720eec3f82c34845a` Request headers :path /js/js.cookie.js pragma no-cache accept-encoding gzip, deflate, br accept-language de-DE,de;q=0.9 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 sec-fetch-mode no-cors accept / cache-control no-cache sec-fetch-dest script :authority sso-garena-kiemtravipham.com referer https://sso-garena-kiemtravipham.com/ :scheme https sec-fetch-site same-origin :method GET Accept-Language de-DE,de;q=0.9 Referer https://sso-garena-kiemtravipham.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Tue, 12 Oct 2021 02:23:36 GMT content-encoding br cf-cache-status HIT last-modified Tue, 17 Aug 2021 06:16:18 GMT server cloudflare age 3872 etag W/"611b5432-1477" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BJ5eNORhdvEHyxSalxJ4Td%2FcZPpDIyNg0M8zsEU%2BkAGMyMXtHFfFmHcpt0MIs0vtJjA8NmauJihIfY%2FTrI39EdWy9VWBY8MwSTYsXgQ5Q2VIhVfpkEYe9qFwR1pZ%2BaFAUlpiu5Bj8JCrPCfYI0vK"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 69ccddfedb1c0614-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
GET H2	200	aes.min.js Show response sso-garena-kiemtravipham.com/js/	36 KB 9 KB	22ms 18ms	Script application/javascript	104.21.59.236 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://sso-garena-kiemtravipham.com/js/aes.min.js Requested by Host: sso-garena-kiemtravipham.com URL: https://sso-garena-kiemtravipham.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.21.59.236 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `d05597848d8dc6e98fc78d186eda74f07dffaf51c56b2b1c407fece83126b72d` Request headers :path /js/aes.min.js pragma no-cache accept-encoding gzip, deflate, br accept-language de-DE,de;q=0.9 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 sec-fetch-mode no-cors accept / cache-control no-cache sec-fetch-dest script :authority sso-garena-kiemtravipham.com referer https://sso-garena-kiemtravipham.com/ :scheme https sec-fetch-site same-origin :method GET Accept-Language de-DE,de;q=0.9 Referer https://sso-garena-kiemtravipham.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Tue, 12 Oct 2021 02:23:36 GMT content-encoding br cf-cache-status HIT last-modified Tue, 17 Aug 2021 06:16:18 GMT server cloudflare age 3872 etag W/"611b5432-913a" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y39utLGerMBFNSN0y7ys5JwoojaSKXUvoH%2Br9U6lND8jOLm%2B%2F3Jm7meS6DKSbaKiIPmVGRVR1KDbd7jPLt1uF6UC6Hv46ZT9o%2BbcTFTBpdDpKZ%2FEIjNFAAUtOpwVNEPzTCXlR39jmcWdbL3Vw0LS"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 69ccddfedb1d0614-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
GET H2	200	test.js Show response sso-garena-kiemtravipham.com/js/	2 KB 1 KB	17ms 13ms	Script application/javascript	104.21.59.236 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://sso-garena-kiemtravipham.com/js/test.js Requested by Host: sso-garena-kiemtravipham.com URL: https://sso-garena-kiemtravipham.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.21.59.236 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `8cbd6a7ce847a30a41d35b4db7e8e8d6d232685a4228ff9a1d2b631cabacc06d` Request headers :path /js/test.js pragma no-cache accept-encoding gzip, deflate, br accept-language de-DE,de;q=0.9 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 sec-fetch-mode no-cors accept / cache-control no-cache sec-fetch-dest script :authority sso-garena-kiemtravipham.com referer https://sso-garena-kiemtravipham.com/ :scheme https sec-fetch-site same-origin :method GET Accept-Language de-DE,de;q=0.9 Referer https://sso-garena-kiemtravipham.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Tue, 12 Oct 2021 02:23:36 GMT content-encoding br cf-cache-status HIT last-modified Tue, 17 Aug 2021 06:16:18 GMT server cloudflare age 3872 etag W/"611b5432-8d1" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=I1A%2FZIGn47dBtu%2Fy66hBYwwTXfugNmrnTtFMnfWRdQveWpkQnRFP3X89fBx2hmVxipdV29y5QmjVpf7FwJta9g66G%2BN51gcb4WiJC5rklSOI%2BFDHp6Z%2BrxiG7%2FxSg2pkq4%2FF3iaCNUJjGOSe1G4m"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 69ccddfedb1e0614-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
GET H2	200	settings.js Show response sso-garena-kiemtravipham.com/js/sso/	3 KB 1 KB	16ms 13ms	Script application/javascript	104.21.59.236 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://sso-garena-kiemtravipham.com/js/sso/settings.js Requested by Host: sso-garena-kiemtravipham.com URL: https://sso-garena-kiemtravipham.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.21.59.236 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `aeeaaef57909611c8870518a1c2437ffb3decb651d2b4efbe8916f60c5ae92d8` Request headers :path /js/sso/settings.js pragma no-cache accept-encoding gzip, deflate, br accept-language de-DE,de;q=0.9 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 sec-fetch-mode no-cors accept / cache-control no-cache sec-fetch-dest script :authority sso-garena-kiemtravipham.com referer https://sso-garena-kiemtravipham.com/ :scheme https sec-fetch-site same-origin :method GET Accept-Language de-DE,de;q=0.9 Referer https://sso-garena-kiemtravipham.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Tue, 12 Oct 2021 02:23:36 GMT content-encoding br cf-cache-status HIT last-modified Tue, 17 Aug 2021 06:16:18 GMT server cloudflare age 3872 etag W/"611b5432-b47" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4aZkknU6BQ%2FMgKKXRndOP1Geywum4tVQZCNj5AeIpmAAHidmgM5WoKBGLoFOmuh8YYafRY4GiesXN3jL3brau12hp47NPTJx%2B3oxzabbmpfJ5a5aoC3eX%2B6Iuw9ikHpWv3ZE63fTr9Tt9og9UKEZ"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 69ccddfedb1f0614-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
GET H2	200	utils.js Show response sso-garena-kiemtravipham.com/js/sso/	5 KB 2 KB	21ms 18ms	Script application/javascript	104.21.59.236 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://sso-garena-kiemtravipham.com/js/sso/utils.js Requested by Host: sso-garena-kiemtravipham.com URL: https://sso-garena-kiemtravipham.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.21.59.236 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `91a639f7f59655693aa7b903067bea9316000932bd6af5a4d67ec0ce5a783542` Request headers :path /js/sso/utils.js pragma no-cache accept-encoding gzip, deflate, br accept-language de-DE,de;q=0.9 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 sec-fetch-mode no-cors accept / cache-control no-cache sec-fetch-dest script :authority sso-garena-kiemtravipham.com referer https://sso-garena-kiemtravipham.com/ :scheme https sec-fetch-site same-origin :method GET Accept-Language de-DE,de;q=0.9 Referer https://sso-garena-kiemtravipham.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Tue, 12 Oct 2021 02:23:36 GMT content-encoding br cf-cache-status HIT last-modified Tue, 17 Aug 2021 06:16:18 GMT server cloudflare age 3871 etag W/"611b5432-1435" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9avoqDq%2F2cx6sfSUCs5Zt7aQM7dWt%2Fb9Wbxo0Xs%2FvftvqRlVvYEt3AocCur%2B%2FXUv%2B9%2FjZeHfKrmTulE9%2Fbvs5KUISeNWbkWegwDxR5P7Uym8%2BnLHElun7N4tSaptXIfCHVQdfVte0MmF4SdaJjLK"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 69ccddfedb200614-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
GET H2	200	captcha.js Show response sso-garena-kiemtravipham.com/js/sso/	3 KB 1 KB	22ms 19ms	Script application/javascript	104.21.59.236 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://sso-garena-kiemtravipham.com/js/sso/captcha.js Requested by Host: sso-garena-kiemtravipham.com URL: https://sso-garena-kiemtravipham.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.21.59.236 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `3d8da12873b56304ef6a1b8adc92302c3ffb07fec44da0be70ee4064583095e6` Request headers :path /js/sso/captcha.js pragma no-cache accept-encoding gzip, deflate, br accept-language de-DE,de;q=0.9 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 sec-fetch-mode no-cors accept / cache-control no-cache sec-fetch-dest script :authority sso-garena-kiemtravipham.com referer https://sso-garena-kiemtravipham.com/ :scheme https sec-fetch-site same-origin :method GET Accept-Language de-DE,de;q=0.9 Referer https://sso-garena-kiemtravipham.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Tue, 12 Oct 2021 02:23:36 GMT content-encoding br cf-cache-status HIT last-modified Tue, 17 Aug 2021 06:16:18 GMT server cloudflare age 3871 etag W/"611b5432-beb" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YgGyLd8nfgIKiKdm6phOdgkOlJT2sxLngepFLdphCo2%2FDLhHBmJ%2Fhdvn6WR5m8uJLQHtxBkaCy%2BTb6G1x2UCtNKeMibrVgcOZ2ZXEyDe6KReZvdDqlPVn3aJZ55n4M17Iud%2B4jAmU5716E2myewX"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 69ccddfedb220614-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
GET H2	200	content.js Show response sso-garena-kiemtravipham.com/js/sso/	9 KB 3 KB	22ms 19ms	Script application/javascript	104.21.59.236 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://sso-garena-kiemtravipham.com/js/sso/content.js Requested by Host: sso-garena-kiemtravipham.com URL: https://sso-garena-kiemtravipham.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.21.59.236 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `877b2127f7a04a38a60635994e7730c6b1d74284ae2cec5cdd5bee2b25d69688` Request headers :path /js/sso/content.js pragma no-cache accept-encoding gzip, deflate, br accept-language de-DE,de;q=0.9 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 sec-fetch-mode no-cors accept / cache-control no-cache sec-fetch-dest script :authority sso-garena-kiemtravipham.com referer https://sso-garena-kiemtravipham.com/ :scheme https sec-fetch-site same-origin :method GET Accept-Language de-DE,de;q=0.9 Referer https://sso-garena-kiemtravipham.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Tue, 12 Oct 2021 02:23:36 GMT content-encoding br cf-cache-status HIT last-modified Tue, 17 Aug 2021 06:16:18 GMT server cloudflare age 3871 etag W/"611b5432-2354" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7wBB4etPXE1wO%2FoqUwBUNGgl%2FtfOO0yz9gRRdQ6ERpKZdccTjeveM42jor8ZAZ1akBMqR535fcxmc1n%2BxLIEsovJQkFMmAtukI%2BO4gL8KY3ssYseMVDP2WpDX1JJqQayLFPWngnLC3W7qe66zZ5U"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 69ccddfedb240614-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
GET H2	200	register.js Show response sso-garena-kiemtravipham.com/js/sso/	26 KB 5 KB	21ms 18ms	Script application/javascript	104.21.59.236 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://sso-garena-kiemtravipham.com/js/sso/register.js Requested by Host: sso-garena-kiemtravipham.com URL: https://sso-garena-kiemtravipham.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.21.59.236 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `ba30df72a0c972b35a7cba9d41a88c21eafcadbe97bd4204ce5917fe75002327` Request headers :path /js/sso/register.js pragma no-cache accept-encoding gzip, deflate, br accept-language de-DE,de;q=0.9 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 sec-fetch-mode no-cors accept / cache-control no-cache sec-fetch-dest script :authority sso-garena-kiemtravipham.com referer https://sso-garena-kiemtravipham.com/ :scheme https sec-fetch-site same-origin :method GET Accept-Language de-DE,de;q=0.9 Referer https://sso-garena-kiemtravipham.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Tue, 12 Oct 2021 02:23:36 GMT content-encoding br cf-cache-status HIT last-modified Tue, 17 Aug 2021 06:16:18 GMT server cloudflare age 3871 etag W/"611b5432-68f6" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RurMZJynk4u49%2F%2Ff8FjTLX0wkdzPWab9fjdMtF4pH7wMvDuGQyl%2F2nGUQ18t9lOqldBM6C5J3VtnwcUijktJAH4fPia%2BjfW8HeIYoCf7aSMOXfp7uWl%2F4YXTDX22Co%2F%2F7WrFuHmhD%2BG5E0MnmcWd"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 69ccddfedb270614-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
GET H2	200	sso.js Show response sso-garena-kiemtravipham.com/js/	50 KB 9 KB	21ms 19ms	Script application/javascript	104.21.59.236 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://sso-garena-kiemtravipham.com/js/sso.js?v=0.81 Requested by Host: sso-garena-kiemtravipham.com URL: https://sso-garena-kiemtravipham.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.21.59.236 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `c5cac5effe0bf16c54d116a820e9e070f0d12f771b5ca6dfbd872b2559a22fbe` Request headers :path /js/sso.js?v=0.81 pragma no-cache accept-encoding gzip, deflate, br accept-language de-DE,de;q=0.9 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 sec-fetch-mode no-cors accept / cache-control no-cache sec-fetch-dest script :authority sso-garena-kiemtravipham.com referer https://sso-garena-kiemtravipham.com/ :scheme https sec-fetch-site same-origin :method GET Accept-Language de-DE,de;q=0.9 Referer https://sso-garena-kiemtravipham.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Tue, 12 Oct 2021 02:23:36 GMT content-encoding br cf-cache-status HIT last-modified Tue, 17 Aug 2021 06:16:18 GMT server cloudflare age 3871 etag W/"611b5432-c66a" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OQhbVG2WHBJ8zt%2BPRyaYLg5KlaE73B143n9YBuRqPeAJMMzCgPsseFkf%2BwwWcBr4gUsCqDv7lzr6%2B0h33WcQlm5SIBrQ8zlI7gJN99ETuToRT62W2PPoJSSuESBw4iZOSCtmGXu2WbabCO9ilLjU"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 69ccddfedb2a0614-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
GET H3	200	bg.png sso-garena-kiemtravipham.com/images/	2 KB 2 KB	17ms 15ms	Image image/png	104.21.59.236 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://sso-garena-kiemtravipham.com/images/bg.png Requested by Host: sso-garena-kiemtravipham.com URL: https://sso-garena-kiemtravipham.com/css/sso.css?v=0.54 Protocol H3 Security QUIC, , AES_128_GCM Server 104.21.59.236 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `55ff8578db3a7e8d57214fb961b4c908ce5fd4bf66a53be77d989b1b16d82410` Request headers :path /images/bg.png pragma no-cache accept-encoding gzip, deflate, br accept-language de-DE,de;q=0.9 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 sec-fetch-mode no-cors accept image/avif,image/webp,image/apng,image/svg+xml,image/,/;q=0.8 cache-control* no-cache sec-fetch-dest image :authority sso-garena-kiemtravipham.com referer https://sso-garena-kiemtravipham.com/css/sso.css?v=0.54 :scheme https sec-fetch-site same-origin :method GET Accept-Language de-DE,de;q=0.9 Referer https://sso-garena-kiemtravipham.com/css/sso.css?v=0.54 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Tue, 12 Oct 2021 02:23:36 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 3854 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 content-length 1550 last-modified Tue, 17 Aug 2021 06:16:18 GMT server cloudflare etag "611b5432-60e" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FS9PxU36MBZNBGGJEqVy1MOdx7thEJ9AcaGZ4HdnU%2F8zJiUsfVvsFcL8sE9%2Fk9cgcR%2FvY2os%2F9hgkdc%2FVVxqof88HDBka6XW11J%2BasVNbfcSb1okfTgTTvdD3WIjz%2FLPnPU9b4a0ZUWmNeada5Ue"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=14400 accept-ranges bytes cf-ray 69ccddfefe7368e5-FRA
GET H3	200	mtcaptcha.min.js Show response sso-garena-kiemtravipham.com/js/	64 KB 25 KB	669ms 668ms	Script application/javascript	104.21.59.236 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://sso-garena-kiemtravipham.com/js/mtcaptcha.min.js Requested by Host: sso-garena-kiemtravipham.com URL: https://sso-garena-kiemtravipham.com/js/sso/captcha.js Protocol H3 Security QUIC, , AES_128_GCM Server 104.21.59.236 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `42fbff401c6145da687687a2acefc5ffda7f0d7183f3d55c4d1484ef53b9bbca` Request headers :path /js/mtcaptcha.min.js pragma no-cache cookie GOP=70daf37573870c58336459f22471dd07 accept-encoding gzip, deflate, br accept-language de-DE,de;q=0.9 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 sec-fetch-mode no-cors accept / cache-control no-cache sec-fetch-dest script :authority sso-garena-kiemtravipham.com referer https://sso-garena-kiemtravipham.com/ :scheme https sec-fetch-site same-origin :method GET Accept-Language de-DE,de;q=0.9 Referer https://sso-garena-kiemtravipham.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Tue, 12 Oct 2021 02:23:37 GMT content-encoding br cf-cache-status MISS last-modified Tue, 17 Aug 2021 06:16:18 GMT server cloudflare etag W/"611b5432-100be" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kGK3wZSUcslVmiAdM0fT31FAfwsdSoOOUQ3MCEOw2sx1ajiBMspXq3b1o1W4SXsRvcg5MBlwvCFPcpkQTao%2FVglc1bFiXZbRbg%2BZXMhAgV60bbrRtNpfcXu1I7TcV4LyX%2BsI53sUpONY3%2BBi3Ez8"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 69ccde00882b68e5-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
GET H3	200	mtcaptcha2.min.js Show response sso-garena-kiemtravipham.com/js/	64 KB 25 KB	653ms 652ms	Script application/javascript	104.21.59.236 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://sso-garena-kiemtravipham.com/js/mtcaptcha2.min.js Requested by Host: sso-garena-kiemtravipham.com URL: https://sso-garena-kiemtravipham.com/js/sso/captcha.js Protocol H3 Security QUIC, , AES_128_GCM Server 104.21.59.236 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `2cb9be129eac9c99fd59387894c24d9ed8363b4e11d5f049be8ae71ae75b433b` Request headers :path /js/mtcaptcha2.min.js pragma no-cache cookie GOP=70daf37573870c58336459f22471dd07 accept-encoding gzip, deflate, br accept-language de-DE,de;q=0.9 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 sec-fetch-mode no-cors accept / cache-control no-cache sec-fetch-dest script :authority sso-garena-kiemtravipham.com referer https://sso-garena-kiemtravipham.com/ :scheme https sec-fetch-site same-origin :method GET Accept-Language de-DE,de;q=0.9 Referer https://sso-garena-kiemtravipham.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Tue, 12 Oct 2021 02:23:37 GMT content-encoding br cf-cache-status MISS last-modified Tue, 17 Aug 2021 06:16:18 GMT server cloudflare etag W/"611b5432-1019c" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eU1GORdbv6Y0P9ek4whNi5WwWUDfisIAWb2lOIVGAdj0Te4K28jI7CR4lPF6EafgrSBQGm9BNLODkzlGDUqne2XtDBu6ZPcwsHKLipTkvqrGxBx%2FUkZn8dbnN7ExgLyU50SleiTbfuHSpUJqHN1u"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 69ccde00882c68e5-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
GET H3	200	earth.png sso-garena-kiemtravipham.com/images/	522 B 1 KB	448ms 448ms	Image image/png	104.21.59.236 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://sso-garena-kiemtravipham.com/images/earth.png Requested by Host: sso-garena-kiemtravipham.com URL: https://sso-garena-kiemtravipham.com/css/sso.css?v=0.54 Protocol H3 Security QUIC, , AES_128_GCM Server 104.21.59.236 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `85af81f91c93450bb15d6f7f75ca7e96fcbda0b12cc4a6fb9bf04bff4783600c` Request headers :path /images/earth.png pragma no-cache cookie GOP=70daf37573870c58336459f22471dd07 accept-encoding gzip, deflate, br accept-language de-DE,de;q=0.9 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 sec-fetch-mode no-cors accept image/avif,image/webp,image/apng,image/svg+xml,image/,/;q=0.8 cache-control* no-cache sec-fetch-dest image :authority sso-garena-kiemtravipham.com referer https://sso-garena-kiemtravipham.com/css/sso.css?v=0.54 :scheme https sec-fetch-site same-origin :method GET Accept-Language de-DE,de;q=0.9 Referer https://sso-garena-kiemtravipham.com/css/sso.css?v=0.54 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Tue, 12 Oct 2021 02:23:37 GMT cf-cache-status MISS nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 content-length 522 last-modified Tue, 17 Aug 2021 06:16:18 GMT server cloudflare etag "20a-5c9bb4177f080" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iXHdcrjqeglqFtvFBjZg57imZ0k8xUu60WgShAI5au8wv638oB2xObbOGMagORLebeX6VARK%2FyLoTe4vSMHTDNmOp5v5KbjzC3qf%2B6CTLBZrJPYnDFaiBc9o%2BlUW%2Ftwje0cjWE5rG08KL9NQEBa9"}],"group":"cf-nel","max_age":604800} content-type image/png x-accel-version 0.01 cache-control max-age=14400 accept-ranges bytes cf-ray 69ccde00983268e5-FRA
GET H3	200	logo-facebook.png sso-garena-kiemtravipham.com/images/	9 KB 10 KB	456ms 456ms	Image image/png	104.21.59.236 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://sso-garena-kiemtravipham.com/images/logo-facebook.png Requested by Host: sso-garena-kiemtravipham.com URL: https://sso-garena-kiemtravipham.com/css/sso.css?v=0.54 Protocol H3 Security QUIC, , AES_128_GCM Server 104.21.59.236 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `94f92c2fa2a770888470701e4e9c0063d11bd846b52739d8b12a06b2dabd3be2` Request headers :path /images/logo-facebook.png pragma no-cache cookie GOP=70daf37573870c58336459f22471dd07 accept-encoding gzip, deflate, br accept-language de-DE,de;q=0.9 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 sec-fetch-mode no-cors accept image/avif,image/webp,image/apng,image/svg+xml,image/,/;q=0.8 cache-control* no-cache sec-fetch-dest image :authority sso-garena-kiemtravipham.com referer https://sso-garena-kiemtravipham.com/css/sso.css?v=0.54 :scheme https sec-fetch-site same-origin :method GET Accept-Language de-DE,de;q=0.9 Referer https://sso-garena-kiemtravipham.com/css/sso.css?v=0.54 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Tue, 12 Oct 2021 02:23:37 GMT cf-cache-status MISS last-modified Tue, 17 Aug 2021 06:16:18 GMT server cloudflare etag "611b5432-23d7" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2AEx4XYgtz%2FYsKO5pMxwOWc3eQceln7mHovT7SNbH3Rt1toHyUbgWOXc6RTo48z0ifxGQ99kCp3epJap5S79j5f2bh9mBpNbHfj6D9763K9XxfltgstAso4bNPbxCR%2FUNMyp6ulx8FpaeBjFBCIT"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} accept-ranges bytes cf-ray 69ccde00983468e5-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 content-length 9175
GET H3	200	img_garena_logo.png sso-garena-kiemtravipham.com/images/	6 KB 7 KB	437ms 437ms	Image image/png	104.21.59.236 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://sso-garena-kiemtravipham.com/images/img_garena_logo.png Requested by Host: sso-garena-kiemtravipham.com URL: https://sso-garena-kiemtravipham.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 104.21.59.236 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `1052ac0fe02e8c3300c458dc1a059335150c1e46d0476a5d0fb5a809af3ef263` Request headers :path /images/img_garena_logo.png pragma no-cache cookie GOP=70daf37573870c58336459f22471dd07 accept-encoding gzip, deflate, br accept-language de-DE,de;q=0.9 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 sec-fetch-mode no-cors accept image/avif,image/webp,image/apng,image/svg+xml,image/,/;q=0.8 cache-control* no-cache sec-fetch-dest image :authority sso-garena-kiemtravipham.com referer https://sso-garena-kiemtravipham.com/ :scheme https sec-fetch-site same-origin :method GET Accept-Language de-DE,de;q=0.9 Referer https://sso-garena-kiemtravipham.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Tue, 12 Oct 2021 02:23:37 GMT cf-cache-status MISS last-modified Tue, 17 Aug 2021 06:16:18 GMT server cloudflare etag "611b5432-17e2" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lMEzqO4lLEfLi93YzIAl313TSutrimimDn7%2FO4tJ5Y5tmPVTOnc7YG479nLfwrFeEIN3mMka02Yc0nkvhigBqDMzVfmqdW1VNaX%2FftoWYk%2F8UcgFsvmNkzFt3EITwlrQVBss5ZIq29P2G3DpLRKX"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} accept-ranges bytes cf-ray 69ccde00a84568e5-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 content-length 6114

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Garena Free Fire (Gaming)

120 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			sso-garena-kiemtravipham.com/	1969-12-31 23:59:59	Name: GOP Value: 70daf37573870c58336459f22471dd07

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

sso-garena-kiemtravipham.com
104.21.59.236
065491a7b4c33e25ccdf8c2867e5dfdfce3714d520d49505570b70ac984be141
1052ac0fe02e8c3300c458dc1a059335150c1e46d0476a5d0fb5a809af3ef263
2cb9be129eac9c99fd59387894c24d9ed8363b4e11d5f049be8ae71ae75b433b
3d8da12873b56304ef6a1b8adc92302c3ffb07fec44da0be70ee4064583095e6
42fbff401c6145da687687a2acefc5ffda7f0d7183f3d55c4d1484ef53b9bbca
55ff8578db3a7e8d57214fb961b4c908ce5fd4bf66a53be77d989b1b16d82410
59102315d6e08c70636de366d6b9549bc35e657e3087ecb88f5f427d35789d07
6e78560981a206cc4a79e6be42699895d3d61d27e28eb9122c1768c3dc9cee3e
6efdda04b018bb13c17428ba52521c0c5a090f49bc218c99c60e98a75a8d5e73
85af81f91c93450bb15d6f7f75ca7e96fcbda0b12cc4a6fb9bf04bff4783600c
86959c48e5128998d086f04b0afd8601f0859ab94d55c54720eec3f82c34845a
877b2127f7a04a38a60635994e7730c6b1d74284ae2cec5cdd5bee2b25d69688
8cbd6a7ce847a30a41d35b4db7e8e8d6d232685a4228ff9a1d2b631cabacc06d
91a639f7f59655693aa7b903067bea9316000932bd6af5a4d67ec0ce5a783542
94f92c2fa2a770888470701e4e9c0063d11bd846b52739d8b12a06b2dabd3be2
a2f461fe6a92b6c2d6098a91682b30de5f47a7082bab8d788db8d8bcccafe968
aeeaaef57909611c8870518a1c2437ffb3decb651d2b4efbe8916f60c5ae92d8
b7cf39030baf4af2b410f172305dd58075a2ce10712fa201aa9061ffd941d994
ba30df72a0c972b35a7cba9d41a88c21eafcadbe97bd4204ce5917fe75002327
c5cac5effe0bf16c54d116a820e9e070f0d12f771b5ca6dfbd872b2559a22fbe
cb30ab241389ab6402ae35342a72a9fef132b1568164b82623d011761247c780
d05597848d8dc6e98fc78d186eda74f07dffaf51c56b2b1c407fece83126b72d

sso-garena-kiemtravipham.com Open in urlscan Pro 104.21.59.236 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

22 Requests

100 %HTTPS

0 %IPv6

1 Domains

1 Subdomains

1 IPs

1 Countries

168 kBTransfer

551 kBSize

1 Cookies

1 Outgoing links

Redirected requests

22 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

120 JavaScript Global Variables

1 Cookies

Indicators

sso-garena-kiemtravipham.com Open in urlscan Pro
104.21.59.236 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

22
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

168 kB
Transfer

551 kB
Size

1
Cookies

22 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!