www.testlogin.danghieu.com
23.108.96.28  Malicious Activity! Public Scan

URL: https://www.testlogin.danghieu.com/
Submission: On May 24 via automatic, source certstream-suspicious — Scanned from DE

Summary

This website contacted 1 IP in 1 country across 1 domain to perform 17 HTTP transactions. The main IP is 23.108.96.28, located in Atlanta, United States and belongs to LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG. The main domain is www.testlogin.danghieu.com.
TLS certificate: Issued by testlogin.danghieu.com on May 24th 2022. Valid for: a year.
This is the only time www.testlogin.danghieu.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Garena Free Fire (Gaming)

Domain & IP information

IP Address: 23.108.96.28, AS (Autonomous System) 59253 (LEASEWEB-...), 17 requests
Total: 17 requests, 1 IP

Apex Domain: danghieu.com, 17 requests, Transfer 80 KB
Subdomains: www.testlogin.danghieu.com
Total: 17 requests, 1 apex domain

Domain: www.testlogin.danghieu.com, 17 requests
Requested by: www.testlogin.danghieu.com
Total: 17 requests, 1 domain

This site contains links to these domains.

Domain: platform.garena.vn

Subject: testlogin.danghieu.com
Issuer: testlogin.danghieu.com
Validity: 2022-05-24 - 2023-05-24
Valid: a year

This page contains 1 frame:

Primary Page: https://www.testlogin.danghieu.com/
Frame ID: 213681DE76EDD856795CA50516AC95B7
Requests: 17 HTTP requests in this frame

Page Title

Garena Account Center

Detected technologies

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

Requests: 17
HTTPS: 0 %
IPv6: 0 %
Domains: 1
Subdomains: 1
IPs: 1
Countries: 1
Transfer: 80 kB
Size: 271 kB
Cookies: 0

Redirected requests

There were HTTP redirect chains for the following requests:

17 HTTP transactions

Resource: Primary Request /
Path: www.testlogin.danghieu.com/
Size: 5 KB
x-fer: 2 KB
Type: Document
General
Full URL
https://www.testlogin.danghieu.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
23.108.96.28 Atlanta, United States, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
s535.sgp8.mysecurecloudhost.com
Software
LiteSpeed /
Resource Hash
748d90f1d3e79ddb9aedce332da7cce80477b1a499817f4115db11ce3198a6d5

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-encoding
br
content-length
1319
content-type
text/html
date
Tue, 24 May 2022 11:53:45 GMT
last-modified
Tue, 24 May 2022 04:16:30 GMT
server
LiteSpeed
vary
Accept-Encoding,User-Agent
Resource: sso.css
Path: www.testlogin.danghieu.com/css/
Size: 30 KB
x-fer: 5 KB
Type: Stylesheet
General
Full URL
https://www.testlogin.danghieu.com/css/sso.css?v=0.58
Requested by
Host: www.testlogin.danghieu.com
URL: https://www.testlogin.danghieu.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
23.108.96.28 Atlanta, United States, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
s535.sgp8.mysecurecloudhost.com
Software
LiteSpeed /
Resource Hash
7c113741e6f628540370bec76930b1e9454d93f2db0ad5a63b6879438b9247bb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.testlogin.danghieu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 24 May 2022 11:53:45 GMT
content-encoding
br
last-modified
Tue, 24 May 2022 04:12:14 GMT
server
LiteSpeed
vary
Accept-Encoding,User-Agent
content-type
text/css
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
5315
expires
Tue, 31 May 2022 11:53:45 GMT
Resource: jquery-1.10.2.min.js
Path: www.testlogin.danghieu.com/js/
Size: 91 KB
x-fer: 31 KB
Type: Script
General
Full URL
https://www.testlogin.danghieu.com/js/jquery-1.10.2.min.js
Requested by
Host: www.testlogin.danghieu.com
URL: https://www.testlogin.danghieu.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
23.108.96.28 Atlanta, United States, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
s535.sgp8.mysecurecloudhost.com
Software
LiteSpeed /
Resource Hash
0ba081f546084bd5097aa8a73c75931d5aa1fc4d6e846e53c21f98e6a1509988

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.testlogin.danghieu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 24 May 2022 11:53:45 GMT
content-encoding
br
last-modified
Tue, 24 May 2022 04:10:50 GMT
server
LiteSpeed
vary
Accept-Encoding,User-Agent
content-type
application/javascript
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
31897
expires
Tue, 31 May 2022 11:53:45 GMT
Resource: crypto.js
Path: www.testlogin.danghieu.com/js/
Size: 18 KB
x-fer: 6 KB
Type: Script
General
Full URL
https://www.testlogin.danghieu.com/js/crypto.js?v=0.60
Requested by
Host: www.testlogin.danghieu.com
URL: https://www.testlogin.danghieu.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
23.108.96.28 Atlanta, United States, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
s535.sgp8.mysecurecloudhost.com
Software
LiteSpeed /
Resource Hash
8a61dcc3d3782dd66699ceb450d63ee1e5bf77e429ac4d3c613b52a1d6f8c98f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.testlogin.danghieu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 24 May 2022 11:53:45 GMT
content-encoding
br
last-modified
Tue, 24 May 2022 04:10:54 GMT
server
LiteSpeed
vary
Accept-Encoding,User-Agent
content-type
application/javascript
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
5853
expires
Tue, 31 May 2022 11:53:45 GMT
Resource: countries.js
Path: www.testlogin.danghieu.com/js/
Size: 14 KB
x-fer: 4 KB
Type: Script
General
Full URL
https://www.testlogin.danghieu.com/js/countries.js?v=0.30
Requested by
Host: www.testlogin.danghieu.com
URL: https://www.testlogin.danghieu.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
23.108.96.28 Atlanta, United States, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
s535.sgp8.mysecurecloudhost.com
Software
LiteSpeed /
Resource Hash
f044c6db150819618ec646c5dba0f9b9dd5fedc650cf0700a60853f43465bee0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.testlogin.danghieu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 24 May 2022 11:53:45 GMT
content-encoding
br
last-modified
Tue, 24 May 2022 04:10:56 GMT
server
LiteSpeed
vary
Accept-Encoding,User-Agent
content-type
application/javascript
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
3701
expires
Tue, 31 May 2022 11:53:45 GMT
Resource: locales.js
Path: www.testlogin.danghieu.com/js/
Size: 856 B
x-fer: 350 B
Type: Script
General
Full URL
https://www.testlogin.danghieu.com/js/locales.js?v=0.03
Requested by
Host: www.testlogin.danghieu.com
URL: https://www.testlogin.danghieu.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
23.108.96.28 Atlanta, United States, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
s535.sgp8.mysecurecloudhost.com
Software
LiteSpeed /
Resource Hash
87815e8484a9445d01005526e7a86c40ec3aef73674871fb20f660093b44ce0d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.testlogin.danghieu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 24 May 2022 11:53:45 GMT
content-encoding
br
last-modified
Tue, 24 May 2022 04:10:58 GMT
server
LiteSpeed
vary
Accept-Encoding,User-Agent
content-type
application/javascript
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
294
expires
Tue, 31 May 2022 11:53:45 GMT
Resource: vi.js
Path: www.testlogin.danghieu.com/i18n/sso/
Size: 18 KB
x-fer: 5 KB
Type: Script
General
Full URL
https://www.testlogin.danghieu.com/i18n/sso/vi.js?v=0.58
Requested by
Host: www.testlogin.danghieu.com
URL: https://www.testlogin.danghieu.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
23.108.96.28 Atlanta, United States, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
s535.sgp8.mysecurecloudhost.com
Software
LiteSpeed /
Resource Hash
49f74e5065b7e5554454084c20be6682d7cdcf650a7e6b2e0a711747e2a04f54

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.testlogin.danghieu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 24 May 2022 11:53:45 GMT
content-encoding
br
last-modified
Tue, 24 May 2022 04:11:00 GMT
server
LiteSpeed
vary
Accept-Encoding,User-Agent
content-type
application/javascript
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
5008
expires
Tue, 31 May 2022 11:53:45 GMT
Resource: js.cookie.js
Path: www.testlogin.danghieu.com/js/
Size: 4 KB
x-fer: 1 KB
Type: Script
General
Full URL
https://www.testlogin.danghieu.com/js/js.cookie.js?v=0.01
Requested by
Host: www.testlogin.danghieu.com
URL: https://www.testlogin.danghieu.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
23.108.96.28 Atlanta, United States, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
s535.sgp8.mysecurecloudhost.com
Software
LiteSpeed /
Resource Hash
6533050afa2e853568cd4b0b8048ed64e94963e38088b226575a7cca8054f4e2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.testlogin.danghieu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 24 May 2022 11:53:45 GMT
content-encoding
br
last-modified
Tue, 24 May 2022 04:12:30 GMT
server
LiteSpeed
vary
Accept-Encoding,User-Agent
content-type
application/javascript
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
1339
expires
Tue, 31 May 2022 11:53:45 GMT
Resource: settings.js
Path: www.testlogin.danghieu.com/js/sso/
Size: 3 KB
x-fer: 889 B
Type: Script
General
Full URL
https://www.testlogin.danghieu.com/js/sso/settings.js?v=0.01
Requested by
Host: www.testlogin.danghieu.com
URL: https://www.testlogin.danghieu.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
23.108.96.28 Atlanta, United States, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
s535.sgp8.mysecurecloudhost.com
Software
LiteSpeed /
Resource Hash
f66e59ecac493b836de7faa7b0d4f5e1a5e5153a34f4b4e9f6349f78cf97b57e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.testlogin.danghieu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 24 May 2022 11:53:45 GMT
content-encoding
br
last-modified
Tue, 24 May 2022 04:22:06 GMT
server
LiteSpeed
vary
Accept-Encoding,User-Agent
content-type
application/javascript
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
833
expires
Tue, 31 May 2022 11:53:45 GMT
Resource: utils.js
Path: www.testlogin.danghieu.com/js/sso/
Size: 5 KB
x-fer: 1 KB
Type: Script
General
Full URL
https://www.testlogin.danghieu.com/js/sso/utils.js?v=0.01
Requested by
Host: www.testlogin.danghieu.com
URL: https://www.testlogin.danghieu.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
23.108.96.28 Atlanta, United States, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
s535.sgp8.mysecurecloudhost.com
Software
LiteSpeed /
Resource Hash
421d77a0e489b592870e4bb5379191960c6168f5f25372ee8859f4a09f592fe9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.testlogin.danghieu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 24 May 2022 11:53:45 GMT
content-encoding
br
last-modified
Tue, 24 May 2022 04:12:56 GMT
server
LiteSpeed
vary
Accept-Encoding,User-Agent
content-type
application/javascript
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
1410
expires
Tue, 31 May 2022 11:53:45 GMT
Resource: captcha.js
Path: www.testlogin.danghieu.com/js/sso/
Size: 9 KB
x-fer: 2 KB
Type: Script
General
Full URL
https://www.testlogin.danghieu.com/js/sso/captcha.js?v=0.01
Requested by
Host: www.testlogin.danghieu.com
URL: https://www.testlogin.danghieu.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
23.108.96.28 Atlanta, United States, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
s535.sgp8.mysecurecloudhost.com
Software
LiteSpeed /
Resource Hash
645f7b6927bfff44c46a69c40c59d31d0cbe0b87a8170875ee1c8d8e5990aef2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.testlogin.danghieu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 24 May 2022 11:53:45 GMT
content-encoding
br
last-modified
Tue, 24 May 2022 04:13:00 GMT
server
LiteSpeed
vary
Accept-Encoding,User-Agent
content-type
application/javascript
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
2145
expires
Tue, 31 May 2022 11:53:45 GMT
Resource: content.js
Path: www.testlogin.danghieu.com/js/sso/
Size: 7 KB
x-fer: 2 KB
Type: Script
General
Full URL
https://www.testlogin.danghieu.com/js/sso/content.js?v=0.01
Requested by
Host: www.testlogin.danghieu.com
URL: https://www.testlogin.danghieu.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
23.108.96.28 Atlanta, United States, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
s535.sgp8.mysecurecloudhost.com
Software
LiteSpeed /
Resource Hash
47fffe9cb26cb2202e5417bc993429c7ac998207d4b192a4d096376ae752fe96

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.testlogin.danghieu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 24 May 2022 11:53:45 GMT
content-encoding
br
last-modified
Tue, 24 May 2022 04:13:02 GMT
server
LiteSpeed
vary
Accept-Encoding,User-Agent
content-type
application/javascript
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
2203
expires
Tue, 31 May 2022 11:53:45 GMT
Resource: register.js
Path: www.testlogin.danghieu.com/js/sso/
Size: 20 KB
x-fer: 4 KB
Type: Script
General
Full URL
https://www.testlogin.danghieu.com/js/sso/register.js?v=0.01
Requested by
Host: www.testlogin.danghieu.com
URL: https://www.testlogin.danghieu.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
23.108.96.28 Atlanta, United States, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
s535.sgp8.mysecurecloudhost.com
Software
LiteSpeed /
Resource Hash
f53f2bc1c56e937ed56ff07bcbb966355ccf65b105d24373e901015d46b0bc0e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.testlogin.danghieu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 24 May 2022 11:53:45 GMT
content-encoding
br
last-modified
Tue, 24 May 2022 04:13:04 GMT
server
LiteSpeed
vary
Accept-Encoding,User-Agent
content-type
application/javascript
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
4048
expires
Tue, 31 May 2022 11:53:45 GMT
Resource: sso.js
Path: www.testlogin.danghieu.com/js/
Size: 39 KB
x-fer: 7 KB
Type: Script
General
Full URL
https://www.testlogin.danghieu.com/js/sso.js?v=0.81
Requested by
Host: www.testlogin.danghieu.com
URL: https://www.testlogin.danghieu.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
23.108.96.28 Atlanta, United States, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
s535.sgp8.mysecurecloudhost.com
Software
LiteSpeed /
Resource Hash
47097fb21ece23f61db771050e4ec05ce91972f605d78ae6ec2242d1d5f0e619

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.testlogin.danghieu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 24 May 2022 11:53:45 GMT
content-encoding
br
last-modified
Tue, 24 May 2022 04:37:26 GMT
server
LiteSpeed
vary
Accept-Encoding,User-Agent
content-type
application/javascript
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
7200
expires
Tue, 31 May 2022 11:53:45 GMT
Resource: bg.png
Path: www.testlogin.danghieu.com/images/
Size: 2 KB
x-fer: 2 KB
Type: Image
General
Full URL
https://www.testlogin.danghieu.com/images/bg.png
Requested by
Host: www.testlogin.danghieu.com
URL: https://www.testlogin.danghieu.com/css/sso.css?v=0.58
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
23.108.96.28 Atlanta, United States, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
s535.sgp8.mysecurecloudhost.com
Software
LiteSpeed /
Resource Hash
55ff8578db3a7e8d57214fb961b4c908ce5fd4bf66a53be77d989b1b16d82410

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.testlogin.danghieu.com/css/sso.css?v=0.58
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 24 May 2022 11:53:45 GMT
last-modified
Tue, 24 May 2022 04:13:38 GMT
server
LiteSpeed
vary
User-Agent
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
1550
expires
Tue, 31 May 2022 11:53:45 GMT
Resource: earth.png
Path: www.testlogin.danghieu.com/images/
Size: 522 B
x-fer: 622 B
Type: Image
General
Full URL
https://www.testlogin.danghieu.com/images/earth.png
Requested by
Host: www.testlogin.danghieu.com
URL: https://www.testlogin.danghieu.com/css/sso.css?v=0.58
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
23.108.96.28 Atlanta, United States, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
s535.sgp8.mysecurecloudhost.com
Software
LiteSpeed /
Resource Hash
85af81f91c93450bb15d6f7f75ca7e96fcbda0b12cc4a6fb9bf04bff4783600c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.testlogin.danghieu.com/css/sso.css?v=0.58
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 24 May 2022 11:53:46 GMT
last-modified
Tue, 24 May 2022 04:14:38 GMT
server
LiteSpeed
vary
User-Agent
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
522
expires
Tue, 31 May 2022 11:53:46 GMT
Resource: img_garena_logo.png
Path: www.testlogin.danghieu.com/images/
Size: 6 KB
x-fer: 6 KB
Type: Image
General
Full URL
https://www.testlogin.danghieu.com/images/img_garena_logo.png
Requested by
Host: www.testlogin.danghieu.com
URL: https://www.testlogin.danghieu.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
23.108.96.28 Atlanta, United States, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
s535.sgp8.mysecurecloudhost.com
Software
LiteSpeed /
Resource Hash
1052ac0fe02e8c3300c458dc1a059335150c1e46d0476a5d0fb5a809af3ef263

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.testlogin.danghieu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 24 May 2022 11:53:46 GMT
last-modified
Tue, 24 May 2022 04:14:10 GMT
server
LiteSpeed
vary
User-Agent
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
6114
expires
Tue, 31 May 2022 11:53:46 GMT

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Garena Free Fire (Gaming)

119 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| oncontextlost object| oncontextrestored function| structuredClone function| getScreenDetails function| $ function| jQuery object| CryptoJS object| COUNTRY_LIST object| LOCALE_LIST object| SSO_SERVER_I18N function| Cookies object| SETTINGS string| captcha_key object| mobile_register_request string| SSO_SERVER_URL string| SSO_URL_API_PRELOGIN string| SSO_URL_API_LOGIN string| SSO_URL_API_LOGOUT string| SSO_URL_UI_REGISTER string| SSO_URL_API_AUTH string| SSO_URL_OAUTH_TOKEN_FACEBOOK_EXCHANGE string| SSO_URL_OAUTH_TOKEN_VK_EXCHANGE string| SSO_URL_OAUTH_TOKEN_LINE_EXCHANGE string| SSO_URL_OAUTH_TOKEN_GOOGLE_EXCHANGE string| SSO_URL_OAUTH_TOKEN_HUAWEI_EXCHANGE string| SSO_URL_OAUTH_TOKEN_APPLE_EXCHANGE_WEB string| SSO_URL_OAUTH_TOKEN_TWITTER_EXCHANGE string| SSO_URL_OAUTH_TWITTER_REQUEST_TOKEN string| SSO_URL_API_REG string| SSO_URL_API_REG_PREPARE string| SSO_URL_API_REG_CHECK string| SSO_URL_API_SEND_SMS_OTP string| SSO_URL_API_VERIFY_MOBILE_NO string| DEFAULT_REDIRECT_URL string| FACEBOOK_OAUTH_URL string| VK_OAUTH_URL string| GOOGLE_OAUTH_URL string| LINE_OAUTH_URL string| HUAWEI_OAUTH_URL string| TWITTER_OAUTH_URL string| APPLE_OAUTH_URL string| GAS_APP_URL string| GAS_IOS string| GAS_ANDROID string| CAPTCHA_SERVICE string| CAPTCHA_SERVICE_TEST string| DEFAULT_LOCALE string| ACCOUNT_CENTER_URL string| ACCOUNT_CENTER_TEST_URL string| ACCOUNT_CENTER_RECOVERY_URL string| ACCOUNT_CENTER_RECOVERY_TEST_URL string| FB_PLATFORM_MODE number| KEY_CODE_ENTER number| PLATFORM_GARENA number| PLATFORM_BEETALK number| PLATFORM_FACEBOOK number| PLATFORM_VK number| PLATFORM_LINE number| PLATFORM_HUAWEI number| PLATFORM_GOOGLE number| PLATFORM_APPLE number| PLATFORM_TWITTER number| OTP_SMS_INTERVAL number| OTP_REGISTER_INTERVAL function| isMobile function| _ function| getLocale function| getCurrentBaseUrl function| getUrlParams function| getRequestParams function| getRequestParam function| getRequestFragments function| getRequestFragment function| getRedirectUriWithParms 
function| redirect function| redirectWithFragments function| setCookie function| removeCookie function| changePlatform function| requestJsonp function| requestJson function| showCaptcha function| getCookie function| uuid function| refreshCaptcha function| hideCaptcha object| ReCaptchaWidgetIDMap function| renderRecaptcha function| getRecaptchaWrapperID function| getGacaptchaWrapperID function| getShopeeCaptchaWrapperID function| centralizeCaptchaDialog function| initCaptchaDialog function| hideAllCaptchaWrapper function| hideCaptchaDialog function| getCaptchaID function| ReCaptchaVerifyCallback function| showReCaptchaDialog function| showGarenaCaptchaDialog function| showShopeeCaptchaDialog function| requestJsonWithCaptchaDialogProtection function| clearPage function| centralizeContent function| showContent function| appendClearDiv function| clearMessage function| showMessage function| showMobileRegisterAlert function| showSuccess function| showError function| centralizeDialog function| removeDialog function| showDialog function| showPageDialog function| checkPasswordValid function| showRegisterPage function| showRegisterFinishPage object| SSO_SERVER object| jQuery1102035879112173891725

0 Cookies