account-garena.com
Open in
urlscan Pro
198.252.103.9
Malicious Activity!
Public Scan
Submission: On August 25 via automatic, source twitter_illegalFawn
Summary
This is the only time account-garena.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Garena Free Fire (Gaming)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 | 198.252.103.9 198.252.103.9 | 36351 (SOFTLAYER) (SOFTLAYER - SoftLayer Technologies Inc.) | |
5 | 203.116.173.105 203.116.173.105 | 4657 (STARHUBIN...) (STARHUBINTERNET-AS StarHub Internet Exchange) | |
1 | 2a00:1450:401... 2a00:1450:401b:801::2004 | 15169 (GOOGLE) (GOOGLE - Google Inc.) | |
5 | 2.20.189.139 2.20.189.139 | 20940 (AKAMAI-ASN1) (AKAMAI-ASN1) | |
1 | 2a00:1450:400... 2a00:1450:4001:806::200a | 15169 (GOOGLE) (GOOGLE - Google Inc.) | |
13 | 5 |
ASN36351 (SOFTLAYER - SoftLayer Technologies Inc., US)
PTR: 198.252.103.9-static.reverse.arandomserver.com
account-garena.com |
ASN4657 (STARHUBINTERNET-AS StarHub Internet Exchange, SG)
PTR: cloudvps105.everseiko.com.sg
sso.garena.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
5 |
garenanow.com
cdn.garenanow.com |
8 KB |
5 |
garena.com
sso.garena.com |
24 KB |
1 |
googleapis.com
ajax.googleapis.com |
29 KB |
1 |
google.com
www.google.com |
6 KB |
1 |
account-garena.com
account-garena.com |
2 KB |
13 | 5 |
Domain | Requested by | |
---|---|---|
5 | cdn.garenanow.com |
account-garena.com
|
5 | sso.garena.com |
account-garena.com
ajax.googleapis.com |
1 | ajax.googleapis.com |
www.google.com
|
1 | www.google.com |
account-garena.com
|
1 | account-garena.com | |
13 | 5 |
This site contains links to these domains. Also see Links.
Domain |
---|
nhanquagarena.top |
Subject Issuer | Validity | Valid | |
---|---|---|---|
sso.garena.com COMODO RSA Domain Validation Secure Server CA |
2017-06-02 - 2019-06-02 |
2 years | crt.sh |
This page contains 1 frames:
Primary Page:
http://account-garena.com/
Frame ID: 30787.1
Requests: 13 HTTP requests in this frame
1 Outgoing links
These are links going to different origins than the main page.
Search URL Search Domain Scan URL
Redirected requests
There were HTTP redirect chains for the following requests:
13 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
Primary Request
/
account-garena.com/ |
5 KB 2 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
sso.css
sso.garena.com/css/ |
24 KB 6 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
jsapi
www.google.com/ |
25 KB 6 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
jsbn.js
cdn.garenanow.com/webmain/static/js/ |
15 KB 5 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
prng4.js
cdn.garenanow.com/webmain/static/js/ |
1009 B 478 B |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
rng.js
cdn.garenanow.com/webmain/static/js/ |
2 KB 811 B |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
rsa.js
cdn.garenanow.com/webmain/static/js/ |
3 KB 1 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
grsa.js
cdn.garenanow.com/webmain/static/js/ |
670 B 670 B |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
header_garena.png
sso.garena.com/images/ |
11 KB 11 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.5.0/ |
82 KB 29 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
bg.png
sso.garena.com/images/ |
2 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
earth.png
sso.garena.com/images/ |
522 B 522 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
logo-facebook.png
sso.garena.com/images/ |
6 KB 6 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Garena Free Fire (Gaming)0 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
1 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
account-garena.com/ | Name: PHPSESSID Value: ac2744046sbuds2b0djiivllq7 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
account-garena.com
ajax.googleapis.com
cdn.garenanow.com
sso.garena.com
www.google.com
198.252.103.9
2.20.189.139
203.116.173.105
2a00:1450:4001:806::200a
2a00:1450:401b:801::2004
13a4bbc07313a1f6cd9adf38adbb512c63369e7e99ffc9477de764dd3e88f174
229278f6a9c1c27fc55bec50f06548fe64c2629f59f462d50cac28e65bb93a83
33e00abdae0b7f4e5927133b79b8322917a025d2bc897f6107ffdc18fcc07d4a
3a2e97410c23def10b030c03197a1546fa4b65e1607123a529c84df853486015
55ff8578db3a7e8d57214fb961b4c908ce5fd4bf66a53be77d989b1b16d82410
6131ccdad72628412191071444a3e08b20d4de2a0717f1c59c7a2b6edf3be5b1
61de67d61cf9977a30ebbd11f82570d4472620e3e15af06e4c6564d96faa091a
65a247c842f47fe4b62e399f94b3aa46382320934fef8ef77609e6dad3515a4c
72665b106e83624a87b4629a8eac9ca2da1f9598bc743ee8667e46f7522fb164
85af81f91c93450bb15d6f7f75ca7e96fcbda0b12cc4a6fb9bf04bff4783600c
9f27554859db05d776233142664db7d65867d6b52e9ada830c7e2fe50df91718
bf7207bcd39f56d9113027d68b8ad4fda3afb3520ff27e4e261061054a20ef0a
e35376a7e422bfacb8c2d2e2b797cee63ac6db16471f4348ae356db0f5294208