event-freefire-gratis-terbaru-222222.duckdns.org Open in urlscan Pro
40.82.208.111 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://event-freefire-gratis-terbaru-222222.duckdns.org/
Submission: On April 20 via automatic, source phishtank (April 20th 2022, 12:25:48 am UTC) — Scanned from DE

Summary HTTP 55 Redirects Behaviour Indicators

Summary

This website contacted 12 IPs in 6 countries across 12 domains to perform 55 HTTP transactions. The main IP is 40.82.208.111, located in Sydney, Australia and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is event-freefire-gratis-terbaru-222222.duckdns.org.
TLS certificate: Issued by cPanel, Inc. Certification Authority on April 19th 2022. Valid for: 3 months.

This is the only time event-freefire-gratis-terbaru-222222.duckdns.org was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Generic Gaming (Entertainment)

Domain & IP information

	IP Address	AS Autonomous System
19	40.82.208.111 40.82.208.111	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
5	2606:4700::68... 2606:4700::6810:5914	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	65.21.235.194 65.21.235.194	24940 (HETZNER-AS) (HETZNER-AS)
4	92.123.194.148 92.123.194.148	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
7	23.48.23.24 23.48.23.24	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	188.68.52.216 188.68.52.216	197540 (NETCUP-AS...) (NETCUP-AS netcup GmbH)
1	104.109.75.95 104.109.75.95	16625 (AKAMAI-AS) (AKAMAI-AS)
2	2a00:1450:400... 2a00:1450:4001:812::200a	15169 (GOOGLE) (GOOGLE)
11	2a02:26f0:350... 2a02:26f0:3500:3::b818:4d0c	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	51.210.32.103 51.210.32.103	16276 (OVH) (OVH)
2	2a00:1450:400... 2a00:1450:4001:82f::2003	15169 (GOOGLE) (GOOGLE)
1	129.226.2.89 129.226.2.89	132203 (TENCENT-N...) (TENCENT-NET-AP-CN Tencent Building)
55	12

19 40.82.208.111 (Sydney, Australia)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

event-freefire-gratis-terbaru-222222.duckdns.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700::6810:5914 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.21.235.194 (Helsinki, Finland)

ASN24940 (HETZNER-AS, DE)
PTR: static.194.235.21.65.clients.your-server.de

h.top4top.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 92.123.194.148 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a92-123-194-148.deploy.static.akamaitechnologies.com

freefiremobile-a.akamaihd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 23.48.23.24 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-48-23-24.deploy.static.akamaitechnologies.com

dl.dir.freefiremobile.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 188.68.52.216 (Hitzacker, Germany)

ASN197540 (NETCUP-AS netcup GmbH, DE)
PTR: i.im.ge

i.im.ge	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.109.75.95 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-109-75-95.deploy.static.akamaitechnologies.com

img.utdstc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a02:26f0:3500:3::b818:4d0c (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

www.pubgmobile.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.210.32.103 (France)

ASN16276 (OVH, FR)
PTR: ns3172599.ip-51-210-32.eu

i.ibb.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 129.226.2.89 (Singapore, Singapore)

ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN)

na.apps.amsoveasea.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
19	duckdns.org event-freefire-gratis-terbaru-222222.duckdns.org	3 MB
11	pubgmobile.com www.pubgmobile.com — Cisco Umbrella Rank: 22757	435 KB
7	freefiremobile.com dl.dir.freefiremobile.com — Cisco Umbrella Rank: 26915	1 MB
5	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 436	19 KB
4	akamaihd.net freefiremobile-a.akamaihd.net — Cisco Umbrella Rank: 23485	143 KB
2	gstatic.com fonts.gstatic.com	36 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 46	1 KB
1	amsoveasea.com na.apps.amsoveasea.com — Cisco Umbrella Rank: 130812	179 B
1	ibb.co i.ibb.co — Cisco Umbrella Rank: 13776	189 KB
1	utdstc.com img.utdstc.com — Cisco Umbrella Rank: 104048	14 KB
1	im.ge i.im.ge — Cisco Umbrella Rank: 648951	28 KB
1	top4top.io h.top4top.io — Cisco Umbrella Rank: 957063	85 KB
55	12

	Domain	Requested by
19	event-freefire-gratis-terbaru-222222.duckdns.org	event-freefire-gratis-terbaru-222222.duckdns.org
11	www.pubgmobile.com	event-freefire-gratis-terbaru-222222.duckdns.org
7	dl.dir.freefiremobile.com	event-freefire-gratis-terbaru-222222.duckdns.org
5	cdn.jsdelivr.net	event-freefire-gratis-terbaru-222222.duckdns.org
4	freefiremobile-a.akamaihd.net	event-freefire-gratis-terbaru-222222.duckdns.org
2	fonts.gstatic.com	fonts.googleapis.com
2	fonts.googleapis.com	event-freefire-gratis-terbaru-222222.duckdns.org
1	na.apps.amsoveasea.com	event-freefire-gratis-terbaru-222222.duckdns.org
1	i.ibb.co	event-freefire-gratis-terbaru-222222.duckdns.org
1	img.utdstc.com	event-freefire-gratis-terbaru-222222.duckdns.org
1	i.im.ge	event-freefire-gratis-terbaru-222222.duckdns.org
1	h.top4top.io	event-freefire-gratis-terbaru-222222.duckdns.org
55	12

This site contains no links.

Subject Issuer	Validity	Valid
event-freefire-gratis-terbaru-222222.duckdns.org cPanel, Inc. Certification Authority	`2022-04-19` - `2022-07-18`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-07-03` - `2022-07-02`	a year	crt.sh
top4top.io R3	`2022-04-14` - `2022-07-13`	3 months	crt.sh
a248.e.akamai.net DigiCert SHA2 Secure Server CA	`2021-07-15` - `2022-07-20`	a year	crt.sh
dl.kgtw.garenanow.com DigiCert SHA2 Secure Server CA	`2022-03-15` - `2022-06-27`	3 months	crt.sh
i.im.ge Sectigo RSA Domain Validation Secure Server CA	`2021-09-25` - `2022-09-25`	a year	crt.sh
uptodown.com DigiCert SHA2 Secure Server CA	`2021-09-14` - `2022-09-14`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-03-28` - `2022-06-20`	3 months	crt.sh
wetv.acc.qq.com DigiCert SHA2 Secure Server CA	`2022-01-17` - `2023-01-17`	a year	crt.sh
ibb.co R3	`2022-04-07` - `2022-07-06`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-03-28` - `2022-06-20`	3 months	crt.sh
na.apps.amsoveasea.com TrustAsia TLS RSA CA	`2021-05-31` - `2022-05-30`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://event-freefire-gratis-terbaru-222222.duckdns.org/
Frame ID: 85FDFC2F7C3CA92E979306C24D70786E
Requests: 55 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Garena Free Fire. Best survival Battle Royale on mobile!

Detected technologies

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

55
Requests

100 %
HTTPS

33 %
IPv6

12
Domains

12
Subdomains

12
IPs

6
Countries

5809 kB
Transfer

5820 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

55 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
event-freefire-gratis-terbaru-222222.duckdns.org/ 12 KB
12 KB 857ms
287ms Document
text/html 40.82.208.111
MICROSOFT-CORP-MS...

General

event-freefire-gratis-terbaru-222222.duckdns.org Open in urlscan Pro 40.82.208.111 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

55 Requests

100 %HTTPS

33 %IPv6

12 Domains

12 Subdomains

12 IPs

6 Countries

5809 kBTransfer

5820 kBSize

0 Cookies

0 Outgoing links

Redirected requests

55 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

event-freefire-gratis-terbaru-222222.duckdns.org Open in urlscan Pro
40.82.208.111 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

55
Requests

100 %
HTTPS

33 %
IPv6

12
Domains

12
Subdomains

12
IPs

6
Countries

5809 kB
Transfer

5820 kB
Size

0
Cookies

55 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!