sso-garena-kiemtravipham.com
Open in
urlscan Pro
104.21.59.236
Malicious Activity!
Public Scan
Submission: On October 12 via manual from VN — Scanned from DE
Summary
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on October 9th 2021. Valid for: a year.
This is the only time sso-garena-kiemtravipham.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Garena Free Fire (Gaming)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
22 | 104.21.59.236 104.21.59.236 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
22 | 1 |
Apex Domain Subdomains |
Transfer | |
---|---|---|
22 |
sso-garena-kiemtravipham.com
sso-garena-kiemtravipham.com |
168 KB |
22 | 1 |
Domain | Requested by | |
---|---|---|
22 | sso-garena-kiemtravipham.com |
sso-garena-kiemtravipham.com
|
22 | 1 |
This site contains links to these domains. Also see Links.
Domain |
---|
platform.garena.vn |
Subject Issuer | Validity | Valid | |
---|---|---|---|
sni.cloudflaressl.com Cloudflare Inc ECC CA-3 |
2021-10-09 - 2022-10-08 |
a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://sso-garena-kiemtravipham.com/
Frame ID: AF2C05CA6CCE8450B8AA573206C253AD
Requests: 22 HTTP requests in this frame
Screenshot
Page Title
Garena Account CenterDetected technologies
Mautic (Marketing Automation) ExpandDetected patterns
- [^a-z]mtc.*\.js
jQuery (JavaScript Libraries) Expand
Detected patterns
- jquery[.-]([\d.]*\d)[^/]*\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
1 Outgoing links
These are links going to different origins than the main page.
Search URL Search Domain Scan URL
Redirected requests
There were HTTP redirect chains for the following requests:
22 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
/
sso-garena-kiemtravipham.com/ |
4 KB 2 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
sso.css
sso-garena-kiemtravipham.com/css/ |
32 KB 6 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery-1.10.2.min.js
sso-garena-kiemtravipham.com/js/ |
154 KB 40 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
crypto.js
sso-garena-kiemtravipham.com/js/ |
34 KB 8 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
countries.js
sso-garena-kiemtravipham.com/js/ |
23 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
locales.js
sso-garena-kiemtravipham.com/js/ |
1 KB 624 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
vi.js
sso-garena-kiemtravipham.com/i18n/sso/ |
17 KB 5 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
js.cookie.js
sso-garena-kiemtravipham.com/js/ |
5 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
aes.min.js
sso-garena-kiemtravipham.com/js/ |
36 KB 9 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
test.js
sso-garena-kiemtravipham.com/js/ |
2 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
settings.js
sso-garena-kiemtravipham.com/js/sso/ |
3 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
utils.js
sso-garena-kiemtravipham.com/js/sso/ |
5 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
captcha.js
sso-garena-kiemtravipham.com/js/sso/ |
3 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
content.js
sso-garena-kiemtravipham.com/js/sso/ |
9 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
register.js
sso-garena-kiemtravipham.com/js/sso/ |
26 KB 5 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
sso.js
sso-garena-kiemtravipham.com/js/ |
50 KB 9 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
bg.png
sso-garena-kiemtravipham.com/images/ |
2 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
mtcaptcha.min.js
sso-garena-kiemtravipham.com/js/ |
64 KB 25 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
mtcaptcha2.min.js
sso-garena-kiemtravipham.com/js/ |
64 KB 25 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
earth.png
sso-garena-kiemtravipham.com/images/ |
522 B 1 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
logo-facebook.png
sso-garena-kiemtravipham.com/images/ |
9 KB 10 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
img_garena_logo.png
sso-garena-kiemtravipham.com/images/ |
6 KB 7 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Garena Free Fire (Gaming)120 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| onbeforexrselect boolean| originAgentCluster function| $ function| jQuery object| CryptoJS object| COUNTRY_LIST object| LOCALE_LIST object| SSO_SERVER_I18N function| Cookies object| slowAES function| toNumbers function| toHex function| Return_A function| Return_B function| choi object| SETTINGS string| captcha_key object| mobile_register_request string| SSO_SERVER_URL string| SSO_URL_API_PRELOGIN string| SSO_URL_API_LOGIN string| SSO_URL_API_LOGOUT string| SSO_URL_UI_REGISTER string| SSO_URL_API_AUTH string| SSO_URL_OAUTH_TOKEN_FACEBOOK_EXCHANGE string| SSO_URL_OAUTH_TOKEN_VK_EXCHANGE string| SSO_URL_OAUTH_TOKEN_LINE_EXCHANGE string| SSO_URL_OAUTH_TOKEN_GOOGLE_EXCHANGE string| SSO_URL_OAUTH_TOKEN_HUAWEI_EXCHANGE string| SSO_URL_OAUTH_TOKEN_APPLE_EXCHANGE_WEB string| SSO_URL_OAUTH_TOKEN_TWITTER_EXCHANGE string| SSO_URL_OAUTH_TWITTER_REQUEST_TOKEN string| SSO_URL_API_REG string| SSO_URL_API_REG_PREPARE string| SSO_URL_API_REG_CHECK string| SSO_URL_API_SEND_SMS_OTP string| SSO_URL_API_VERIFY_MOBILE_NO string| DEFAULT_REDIRECT_URL string| FACEBOOK_OAUTH_URL string| VK_OAUTH_URL string| GOOGLE_OAUTH_URL string| LINE_OAUTH_URL string| HUAWEI_OAUTH_URL string| TWITTER_OAUTH_URL string| APPLE_OAUTH_URL string| GAS_APP_URL string| GAS_IOS string| GAS_ANDROID string| CAPTCHA_SERVICE string| CAPTCHA_SERVICE_TEST string| DEFAULT_LOCALE string| ACCOUNT_CENTER_URL string| ACCOUNT_CENTER_TEST_URL string| ACCOUNT_CENTER_RECOVERY_URL string| ACCOUNT_CENTER_RECOVERY_TEST_URL string| FB_PLATFORM_MODE number| KEY_CODE_ENTER number| PLATFORM_GARENA number| PLATFORM_BEETALK number| PLATFORM_FACEBOOK number| PLATFORM_VK number| PLATFORM_LINE number| PLATFORM_HUAWEI number| PLATFORM_GOOGLE number| PLATFORM_APPLE number| PLATFORM_TWITTER number| OTP_SMS_INTERVAL number| OTP_REGISTER_INTERVAL function| isMobile function| _ function| getLocale function| getCurrentBaseUrl function| getUrlParams function| getRequestParams function| getRequestParam function| getRequestFragments function| getRequestFragment function| getRedirectUriWithParms function| redirect function| redirectWithFragments function| setCookie function| removeCookie function| changePlatform function| requestJsonp function| requestJson function| showCaptcha function| uuid function| refreshCaptcha function| hideCaptcha object| mtcaptchaConfig function| loadMTCaptcha function| showMTCaptcha function| resetMTCaptcha function| removeMTCaptcha object| VERIFIED_TOKEN function| setMTCaptchaToken function| clearPage function| centralizeContent function| showContent function| appendClearDiv function| clearMessage function| showMessage function| showMobileRegisterAlert function| showSuccess function| showError function| centralizeDialog function| removeDialog function| showDialog function| showPageDialog function| checkPasswordValid function| showCaptchaDialog function| requestJsonWithCaptchaProtection function| showRegisterPage function| showRegisterFinishPage object| SSO_SERVER object| c object| b object| jQuery11020596017193040459 undefined| mtcaptcha2 object| mtcaptcha1 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
sso-garena-kiemtravipham.com/ | Name: GOP Value: 70daf37573870c58336459f22471dd07 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
sso-garena-kiemtravipham.com
104.21.59.236
065491a7b4c33e25ccdf8c2867e5dfdfce3714d520d49505570b70ac984be141
1052ac0fe02e8c3300c458dc1a059335150c1e46d0476a5d0fb5a809af3ef263
2cb9be129eac9c99fd59387894c24d9ed8363b4e11d5f049be8ae71ae75b433b
3d8da12873b56304ef6a1b8adc92302c3ffb07fec44da0be70ee4064583095e6
42fbff401c6145da687687a2acefc5ffda7f0d7183f3d55c4d1484ef53b9bbca
55ff8578db3a7e8d57214fb961b4c908ce5fd4bf66a53be77d989b1b16d82410
59102315d6e08c70636de366d6b9549bc35e657e3087ecb88f5f427d35789d07
6e78560981a206cc4a79e6be42699895d3d61d27e28eb9122c1768c3dc9cee3e
6efdda04b018bb13c17428ba52521c0c5a090f49bc218c99c60e98a75a8d5e73
85af81f91c93450bb15d6f7f75ca7e96fcbda0b12cc4a6fb9bf04bff4783600c
86959c48e5128998d086f04b0afd8601f0859ab94d55c54720eec3f82c34845a
877b2127f7a04a38a60635994e7730c6b1d74284ae2cec5cdd5bee2b25d69688
8cbd6a7ce847a30a41d35b4db7e8e8d6d232685a4228ff9a1d2b631cabacc06d
91a639f7f59655693aa7b903067bea9316000932bd6af5a4d67ec0ce5a783542
94f92c2fa2a770888470701e4e9c0063d11bd846b52739d8b12a06b2dabd3be2
a2f461fe6a92b6c2d6098a91682b30de5f47a7082bab8d788db8d8bcccafe968
aeeaaef57909611c8870518a1c2437ffb3decb651d2b4efbe8916f60c5ae92d8
b7cf39030baf4af2b410f172305dd58075a2ce10712fa201aa9061ffd941d994
ba30df72a0c972b35a7cba9d41a88c21eafcadbe97bd4204ce5917fe75002327
c5cac5effe0bf16c54d116a820e9e070f0d12f771b5ca6dfbd872b2559a22fbe
cb30ab241389ab6402ae35342a72a9fef132b1568164b82623d011761247c780
d05597848d8dc6e98fc78d186eda74f07dffaf51c56b2b1c407fece83126b72d