claimitemfreefire-2022.ml
Open in
urlscan Pro
2606:4700:3034::6815:4b11
Malicious Activity!
Public Scan
Submission: On December 18 via automatic, source certstream-suspicious — Scanned from DE
Summary
TLS certificate: Issued by R3 on December 18th 2021. Valid for: 3 months.
This is the only time claimitemfreefire-2022.ml was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Generic Gaming (Entertainment)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
14 | 2606:4700:303... 2606:4700:3034::6815:4b11 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
1 | 2606:4700::68... 2606:4700::6810:125e | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
1 | 2.16.107.41 2.16.107.41 | 20940 (AKAMAI-ASN1) (AKAMAI-ASN1) | |
1 | 2a04:4e42:54::84 2a04:4e42:54::84 | 54113 (FASTLY) (FASTLY) | |
1 | 141.94.99.191 141.94.99.191 | 16276 (OVH) (OVH) | |
1 | 2001:4de0:ac1... 2001:4de0:ac18::1:a:3a | 20446 (HIGHWINDS3) (HIGHWINDS3) | |
5 | 2a00:1450:400... 2a00:1450:4001:808::200a | 15169 (GOOGLE) (GOOGLE) | |
1 | 65.9.64.81 65.9.64.81 | 16509 (AMAZON-02) (AMAZON-02) | |
1 | 163.172.212.102 163.172.212.102 | 12876 (Online SAS) (Online SAS) | |
1 | 2606:4700:10:... 2606:4700:10::6816:3d47 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
3 | 2a00:1450:400... 2a00:1450:4001:810::2003 | 15169 (GOOGLE) (GOOGLE) | |
31 | 12 |
ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-16-107-41.deploy.static.akamaitechnologies.com
freefiremobile-a.akamaihd.net |
ASN16509 (AMAZON-02, US)
PTR: server-65-9-64-81.fra56.r.cloudfront.net
api.pubgameshowtime.com |
ASN12876 (Online SAS, FR)
PTR: 163-172-212-102.rev.poneytelecom.eu
f.top4top.io |
Apex Domain Subdomains |
Transfer | |
---|---|---|
14 |
claimitemfreefire-2022.ml
claimitemfreefire-2022.ml |
2 MB |
5 |
googleapis.com
fonts.googleapis.com |
3 KB |
3 |
gstatic.com
fonts.gstatic.com |
48 KB |
1 |
wallpapercave.com
wallpapercave.com |
444 KB |
1 |
top4top.io
f.top4top.io |
648 KB |
1 |
pubgameshowtime.com
api.pubgameshowtime.com |
426 B |
1 |
jquery.com
code.jquery.com |
30 KB |
1 |
ibb.co
i.ibb.co |
1 KB |
1 |
pinimg.com
i.pinimg.com |
26 KB |
1 |
akamaihd.net
freefiremobile-a.akamaihd.net |
2 KB |
1 |
cloudflare.com
cdnjs.cloudflare.com |
6 KB |
0 |
randomjs.com
Failed
randomjs.com Failed |
|
31 | 12 |
Domain | Requested by | |
---|---|---|
14 | claimitemfreefire-2022.ml |
claimitemfreefire-2022.ml
|
5 | fonts.googleapis.com |
claimitemfreefire-2022.ml
|
3 | fonts.gstatic.com |
fonts.googleapis.com
|
1 | wallpapercave.com |
claimitemfreefire-2022.ml
|
1 | f.top4top.io |
claimitemfreefire-2022.ml
|
1 | api.pubgameshowtime.com |
code.jquery.com
|
1 | code.jquery.com |
claimitemfreefire-2022.ml
|
1 | i.ibb.co |
claimitemfreefire-2022.ml
|
1 | i.pinimg.com |
claimitemfreefire-2022.ml
|
1 | freefiremobile-a.akamaihd.net |
claimitemfreefire-2022.ml
|
1 | cdnjs.cloudflare.com |
claimitemfreefire-2022.ml
|
0 | randomjs.com Failed |
claimitemfreefire-2022.ml
|
31 | 12 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
*.claimitemfreefire-2022.ml R3 |
2021-12-18 - 2022-03-18 |
3 months | crt.sh |
sni.cloudflaressl.com Cloudflare Inc ECC CA-3 |
2021-09-21 - 2022-09-20 |
a year | crt.sh |
a248.e.akamai.net DigiCert SHA2 Secure Server CA |
2021-07-15 - 2022-07-20 |
a year | crt.sh |
*.pinterest.com DigiCert TLS RSA SHA256 2020 CA1 |
2021-07-27 - 2022-08-05 |
a year | crt.sh |
ibb.co R3 |
2021-12-05 - 2022-03-05 |
3 months | crt.sh |
*.jquery.com Sectigo RSA Domain Validation Secure Server CA |
2021-07-14 - 2022-08-14 |
a year | crt.sh |
upload.video.google.com GTS CA 1C3 |
2021-11-29 - 2022-02-21 |
3 months | crt.sh |
api.pubgameshowtime.com Amazon |
2020-04-17 - 2021-05-17 |
a year | crt.sh |
top4top.io R3 |
2021-10-30 - 2022-01-28 |
3 months | crt.sh |
wallpapercave.com Cloudflare Inc ECC CA-3 |
2021-10-09 - 2022-10-08 |
a year | crt.sh |
*.gstatic.com GTS CA 1C3 |
2021-11-29 - 2022-02-21 |
3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://claimitemfreefire-2022.ml/
Frame ID: 38D895864D0705DA6D42E8FB281B691C
Requests: 31 HTTP requests in this frame
Screenshot
Page Title
FREE FIRE INDONESIADetected technologies
Font Awesome (Font Scripts) ExpandDetected patterns
- <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
- <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
- (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
jQuery (JavaScript Libraries) Expand
Detected patterns
- jquery[.-]([\d.]*\d)[^/]*\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
31 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
/
claimitemfreefire-2022.ml/ |
17 KB 4 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
style.css
claimitemfreefire-2022.ml/css/ |
9 KB 3 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
facebook.css
claimitemfreefire-2022.ml/css/ |
4 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
font-awesome.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/ |
30 KB 6 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
logo-small_20210113.png
freefiremobile-a.akamaihd.net/common/web_event/official/ |
2 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
675666d840a9c8fa1c61eaf584ff2a50.gif
i.pinimg.com/originals/67/56/66/ |
25 KB 26 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
crate.jpg
claimitemfreefire-2022.ml/ngMedia/ |
493 KB 494 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
facebook_text.png
claimitemfreefire-2022.ml/img/ |
28 KB 28 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
thumbnail.jpg
i.ibb.co/fFbdRKj/ |
1 KB 1 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery-3.6.0.min.js
code.jquery.com/ |
87 KB 30 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
1.0.0.js
randomjs.com/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ngBg.3gpp
claimitemfreefire-2022.ml/ngMedia/ |
1 MB 1 MB |
Media
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
popSound.mp4
claimitemfreefire-2022.ml/ngMedia/ |
18 KB 18 KB |
Media
video/mp4 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
clickSound.mpeg
claimitemfreefire-2022.ml/ngMedia/ |
9 KB 10 KB |
Media
video/mpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css2
fonts.googleapis.com/ |
399 B 387 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css2
fonts.googleapis.com/ |
728 B 877 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css2
fonts.googleapis.com/ |
1 KB 525 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css2
fonts.googleapis.com/ |
1 KB 502 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css2
fonts.googleapis.com/ |
378 B 371 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
6.jpg
claimitemfreefire-2022.ml/ngMedia/ngReward/ |
33 KB 34 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
24.jpg
claimitemfreefire-2022.ml/ngMedia/ngReward/ |
116 KB 117 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
31.jpg
claimitemfreefire-2022.ml/ngMedia/ngReward/ |
263 KB 264 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
14.jpg
claimitemfreefire-2022.ml/ngMedia/ngReward/ |
382 KB 383 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
4.jpg
claimitemfreefire-2022.ml/ngMedia/ngReward/ |
31 KB 31 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
getcountry
api.pubgameshowtime.com/ip/ |
59 B 426 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
p_2072opz2q5.jpg
f.top4top.io/ |
646 KB 648 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
wp6827098.jpg
wallpapercave.com/wp/ |
443 KB 444 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
cIf9MaFLtkE3UjaJ9C6hYQ.woff2
fonts.gstatic.com/s/sniglet/v12/ |
24 KB 24 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
k3kUo8kEI-tA1RRcTZGmTlHGCac.woff2
fonts.gstatic.com/s/fredokaone/v8/ |
15 KB 16 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
RrQfboBx-C5_XxrBbg.woff2
fonts.gstatic.com/s/acme/v11/ |
8 KB 8 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
digital-7.ttf
claimitemfreefire-2022.ml/ngMedia/ |
105 KB 44 KB |
Font
font/ttf |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- randomjs.com
- URL
- https://randomjs.com/1.0.0.js
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Generic Gaming (Entertainment)8 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
function| $ function| jQuery function| openCrate number| countDownDate number| x function| tiktok function| checkip function| valid0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
3 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
api.pubgameshowtime.com
cdnjs.cloudflare.com
claimitemfreefire-2022.ml
code.jquery.com
f.top4top.io
fonts.googleapis.com
fonts.gstatic.com
freefiremobile-a.akamaihd.net
i.ibb.co
i.pinimg.com
randomjs.com
wallpapercave.com
randomjs.com
141.94.99.191
163.172.212.102
2.16.107.41
2001:4de0:ac18::1:a:3a
2606:4700:10::6816:3d47
2606:4700:3034::6815:4b11
2606:4700::6810:125e
2a00:1450:4001:808::200a
2a00:1450:4001:810::2003
2a04:4e42:54::84
65.9.64.81
092a3cd5f86b3f039feefdeb86694cd16ae545af214cfda614bdbbe2d1bde401
104b8338fe458890a927c07c902f3675055226ad97f898ce523acd358a5b6ae9
1a4a3fd645c4d3668ae63a17150f293ca95d1a743baac3aece8a4446e6e346e2
1ac0787254aa7a1e125885fdc5aba866dc7c3f406e596a7f17b399f10a7d3999
383267c9f5ee8f68d2aa68642d500e0f471463d4781205ba8f22fa01af34f5e0
3895476107ca7059eae80df1cd387245e111e3899dfdffbf5b0193b1743afdaa
398cdf5368493b91862a38ac78d7a47d8c90a922ac4710092a754470ff5ab49c
3a124f7c8781af398764ba316b3fa7bad44e83520f78a90521b0cbb3012a783b
3c91f1efaa227e417bce31248ba3b45bf0118dd9b0a0b9652f227b42a37c4648
4c8c501f2643af6e7cf81a765e7b7cdb8a76dcea523fb875bd17faa355aada23
5473bb5ad6e474d0fdbaf9bde667a0a7b516d31a52f583792ef927666edb4dec
572b033ea8f1072b9cbbd17462095c08c070b3e898ec8952d3fc2228577e7dc4
5f047fdd4bf3ea2e7994115f284fb06c93a7c1c0333993db02cef24004527f51
6079598ca6146c5463794913e4ead6bfd284c86f0c4b3f9298a87e999f2833cf
654cb99fb0cdc3b32bf8efbd77c8171f09580840dbd8084e3dbd2427210a9b9e
6f49a3460d02695e4d95596206144506779462fbda9875dc45b7ac46ab645606
718746d6d553ccd21160c5605f9893c9d4dcb3acb250b29661651739d35370dd
73be6524fb9be16d689e253fab524c347e665480c42487fa7ca0be7966cc0261
77fb74c793e3bfa921d1cbfa6f781ac9a024c2b8aec71efd5495977f68bf5a9a
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
8176bef1d9ec55d133dd7acf8886ecf9e7d4232ef06e511511872741cc08a56e
8236bb8a75d2f546115bc1e68c82e00d341c82c7e6882cd4061cf460ef0c55d4
8c77cd0cb3cc4a3f294c6b86ba5302fe3139f89758ac460e5f5fb6a6a01b5dec
b5bfeab68d153699fdf0d57d92c5b2d9ede9cdf031697989a9e2a978e9b677c5
b82ec79a87b79ba6f90b5b18614d3a49b4bf9bce01a9519e18dfd4aaf739df97
d685d0f6c6cb505aeba79995624a71cda1d1769b01f52628eda1f5d04bf1cdcb
ece5c1b9c7018fe87ced5b0786e6d9a7e80738039501f41e5264a8dcacce9e8b
f58beaba5f7381ecc5a682cdbe508cd28f8f1565abce59e7870d3e9aea8a7f51
fc2a48620db3d4fc294dc90839055ac9edaa61301fb6614098cb32da05603482
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e