![](/screenshots/693d991c-8dd5-4c86-ae01-9a7ada6584d2.png)
ambil-hadiahgratis2022.eventclaim.xyz
Open in
urlscan Pro
2a06:98c1:3120::7
Malicious Activity!
Public Scan
Submission: On May 01 via automatic, source certstream-suspicious — Scanned from DE
Summary
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on April 29th 2022. Valid for: a year.
This is the only time ambil-hadiahgratis2022.eventclaim.xyz was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Generic Gaming (Entertainment)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
6 | 2a06:98c1:312... 2a06:98c1:3120::7 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
5 | 2606:4700::68... 2606:4700::6810:5814 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
1 | 65.21.235.194 65.21.235.194 | 24940 (HETZNER-AS) (HETZNER-AS) | |
3 | 92.123.225.40 92.123.225.40 | 20940 (AKAMAI-ASN1) (AKAMAI-ASN1) | |
1 | 114.125.194.209 114.125.194.209 | 23693 (TELKOMSEL...) (TELKOMSEL-ASN-ID PT. Telekomunikasi Selular) | |
3 | 114.125.163.209 114.125.163.209 | 23693 (TELKOMSEL...) (TELKOMSEL-ASN-ID PT. Telekomunikasi Selular) | |
1 | 34.124.140.41 34.124.140.41 | 15169 (GOOGLE) (GOOGLE) | |
1 | 107.161.50.42 107.161.50.42 | 395092 (SHOCK-1) (SHOCK-1) | |
1 | 104.90.137.209 104.90.137.209 | 16625 (AKAMAI-AS) (AKAMAI-AS) | |
22 | 9 |
ASN13335 (CLOUDFLARENET, US)
ambil-hadiahgratis2022.eventclaim.xyz |
ASN24940 (HETZNER-AS, DE)
PTR: static.194.235.21.65.clients.your-server.de
h.top4top.io |
ASN20940 (AKAMAI-ASN1, NL)
PTR: a92-123-225-40.deploy.static.akamaitechnologies.com
freefiremobile-a.akamaihd.net |
ASN23693 (TELKOMSEL-ASN-ID PT. Telekomunikasi Selular, ID)
scontent.fupg2-2.fna.fbcdn.net |
ASN23693 (TELKOMSEL-ASN-ID PT. Telekomunikasi Selular, ID)
scontent.fupg1-1.fna.fbcdn.net |
ASN15169 (GOOGLE, US)
PTR: 41.140.124.34.bc.googleusercontent.com
reward.ff.garena.com |
ASN16625 (AKAMAI-AS, US)
PTR: a104-90-137-209.deploy.static.akamaitechnologies.com
img.utdstc.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
6 |
eventclaim.xyz
ambil-hadiahgratis2022.eventclaim.xyz |
6 KB |
5 |
jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 430 |
20 KB |
4 |
fbcdn.net
scontent.fupg2-2.fna.fbcdn.net — Cisco Umbrella Rank: 313948 scontent.fupg1-1.fna.fbcdn.net — Cisco Umbrella Rank: 353141 |
84 B |
3 |
akamaihd.net
freefiremobile-a.akamaihd.net — Cisco Umbrella Rank: 28372 |
22 KB |
1 |
utdstc.com
img.utdstc.com — Cisco Umbrella Rank: 120796 |
14 KB |
1 |
im.ge
i.im.ge |
28 KB |
1 |
garena.com
reward.ff.garena.com — Cisco Umbrella Rank: 408131 |
|
1 |
top4top.io
h.top4top.io — Cisco Umbrella Rank: 431594 |
85 KB |
22 | 8 |
Domain | Requested by | |
---|---|---|
6 | ambil-hadiahgratis2022.eventclaim.xyz |
ambil-hadiahgratis2022.eventclaim.xyz
|
5 | cdn.jsdelivr.net |
ambil-hadiahgratis2022.eventclaim.xyz
|
3 | scontent.fupg1-1.fna.fbcdn.net |
ambil-hadiahgratis2022.eventclaim.xyz
|
3 | freefiremobile-a.akamaihd.net |
ambil-hadiahgratis2022.eventclaim.xyz
|
1 | img.utdstc.com |
ambil-hadiahgratis2022.eventclaim.xyz
|
1 | i.im.ge |
ambil-hadiahgratis2022.eventclaim.xyz
|
1 | reward.ff.garena.com |
ambil-hadiahgratis2022.eventclaim.xyz
|
1 | scontent.fupg2-2.fna.fbcdn.net |
ambil-hadiahgratis2022.eventclaim.xyz
|
1 | h.top4top.io |
ambil-hadiahgratis2022.eventclaim.xyz
|
22 | 9 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
sni.cloudflaressl.com Cloudflare Inc ECC CA-3 |
2022-04-29 - 2023-04-28 |
a year | crt.sh |
top4top.io R3 |
2022-04-14 - 2022-07-13 |
3 months | crt.sh |
a248.e.akamai.net DigiCert SHA2 Secure Server CA |
2021-07-15 - 2022-07-20 |
a year | crt.sh |
*.fupg2-2.fna.fbcdn.net DigiCert SHA2 High Assurance Server CA |
2022-04-06 - 2022-07-05 |
3 months | crt.sh |
*.fupg1-1.fna.fbcdn.net DigiCert SHA2 High Assurance Server CA |
2022-03-14 - 2022-06-12 |
3 months | crt.sh |
reward.ff.garena.com SSL.com RSA SSL subCA |
2022-01-04 - 2023-01-04 |
a year | crt.sh |
i.im.ge Sectigo RSA Domain Validation Secure Server CA |
2021-09-25 - 2022-09-25 |
a year | crt.sh |
uptodown.com DigiCert SHA2 Secure Server CA |
2021-09-14 - 2022-09-14 |
a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://ambil-hadiahgratis2022.eventclaim.xyz/
Frame ID: EA633D93EDAF0E0C93B10C97823B977C
Requests: 22 HTTP requests in this frame
Screenshot
![](/screenshots/693d991c-8dd5-4c86-ae01-9a7ada6584d2.png)
Page Title
Garena Free Fire. Best survival Battle Royale on mobile!Detected technologies
Detected patterns
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Detected patterns
- //cdn\.jsdelivr\.net/
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
22 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
/
ambil-hadiahgratis2022.eventclaim.xyz/ |
13 KB 4 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
style.css
ambil-hadiahgratis2022.eventclaim.xyz/assets/css/ |
0 0 |
Stylesheet
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
facebook.css
ambil-hadiahgratis2022.eventclaim.xyz/assets/css/ |
0 0 |
Stylesheet
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ionic.esm.js
cdn.jsdelivr.net/npm/@ionic/core/dist/ionic/ |
19 KB 6 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
p_2016h7ob71.gif
h.top4top.io/ |
85 KB 85 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
logo-small-fixed_20210113.png
freefiremobile-a.akamaihd.net/common/web_event/official/ |
5 KB 5 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
googleplay3.png
freefiremobile-a.akamaihd.net/ffwebsite/images/download/ |
7 KB 7 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
appstore3.png
freefiremobile-a.akamaihd.net/ffwebsite/images/download/ |
9 KB 10 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
241543902_1446185982480681_7409049520154647750_n.jpg
scontent.fupg2-2.fna.fbcdn.net/v/t1.6435-9/ |
21 B 21 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
241562344_1446609652438314_8802689386444928640_n.jpg
scontent.fupg1-1.fna.fbcdn.net/v/t1.6435-9/ |
21 B 21 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
241746545_1446054609160485_1235853491988693942_n.jpg
scontent.fupg1-1.fna.fbcdn.net/v/t1.6435-9/ |
21 B 21 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
241310298_1445937372505542_924987460367632454_n.jpg
scontent.fupg1-1.fna.fbcdn.net/v/t1.6435-9/ |
21 B 21 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
c34038edcf4185b3e75a6b85f1cd3d4f.jpg
reward.ff.garena.com/images/ |
0 0 |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
1.jpg
ambil-hadiahgratis2022.eventclaim.xyz/assets/images/evo/ |
1 KB 1 KB |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Tw3QNy.png
i.im.ge/2021/09/15/ |
28 KB 28 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
e61511ae88f7d52fac67cd4c4f9c739bf71572d2923e1acf512f249ae0544fd4:200
img.utdstc.com/icon/e61/511/ |
14 KB 14 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
base64.min.js
cdn.jsdelivr.net/npm/js-base64@3.7.1/ |
5 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery.min.js
ambil-hadiahgratis2022.eventclaim.xyz/assets/js/jquery/dist/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
validFB.js
ambil-hadiahgratis2022.eventclaim.xyz/assets/js/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
p-3b5bf7c6.js
cdn.jsdelivr.net/npm/@ionic/core/dist/ionic/ |
15 KB 8 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
p-969bdb2b.js
cdn.jsdelivr.net/npm/@ionic/core/dist/ionic/ |
121 B 894 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
p-5c5506c2.js
cdn.jsdelivr.net/npm/@ionic/core/dist/ionic/ |
3 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Generic Gaming (Entertainment)8 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| oncontextlost object| oncontextrestored function| structuredClone function| getScreenDetails object| Base64 function| δΉ‹ function| __sc_import_ionic object| Ionic0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
9 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
ambil-hadiahgratis2022.eventclaim.xyz
cdn.jsdelivr.net
freefiremobile-a.akamaihd.net
h.top4top.io
i.im.ge
img.utdstc.com
reward.ff.garena.com
scontent.fupg1-1.fna.fbcdn.net
scontent.fupg2-2.fna.fbcdn.net
104.90.137.209
107.161.50.42
114.125.163.209
114.125.194.209
2606:4700::6810:5814
2a06:98c1:3120::7
34.124.140.41
65.21.235.194
92.123.225.40
07c60246a4ac7d8fe6078972ad94d08699ed1d5edd31d7fca05ea4c9b2d67599
092a3cd5f86b3f039feefdeb86694cd16ae545af214cfda614bdbbe2d1bde401
16366d2552aa8349747c1168a3ef03665652b08d80385b6664c4cbf6a5b2f932
30ef81804d91505e0d941d11ffbc9910159c9af94025ff42d50606e479dad297
4fae6b0eb07e3fbf137e7338ed11f8f3649723c71da033e02d86aabadbbc09fb
5dc1ae0b875dc0d78dbc5532226f5f31b762b4d1229984f605d27bf895ab6807
5fdee2e038f429a375232d05f63cd678928d077343b176dc15884f26c048e653
72c2cf177ae0a7d2b1579a9cc888dfabf750ef64d172ee0990cf35fec4ef3673
a9fd6085027e4ac8bde87a63acb7f5f03f6297a7d40a353b9e2d37b380e03e67
cd51bf0a5665e55258f20d1dc1fae0b2d953d0e057c3ce9285b04df70a547d4b
cf79123839e77d4e4bae8db0daf5d35e660bb5abb98300032040d97cf63a593a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ec84d6f9c7949610524782d382825e502c72a145515cd746a8e9b87066dac8bf
f2d0dae13baddb4ef853a0ea61bafaa18f9db27317019673a000df156ad86f92
f86674a2ea19b924b511e1aa79e93c276e748cde8de5e588cd12d00769b2424b