claim-freefire.fauzi.biz.id
Open in
urlscan Pro
2a06:98c1:3121::3
Malicious Activity!
Public Scan
Submission: On February 24 via automatic, source certstream-suspicious — Scanned from NL
Summary
TLS certificate: Issued by E1 on January 17th 2024. Valid for: 3 months.
This is the only time claim-freefire.fauzi.biz.id was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Generic Gaming (Entertainment)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
14 | 2a06:98c1:312... 2a06:98c1:3121::3 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
1 | 2606:4700::68... 2606:4700::6811:190e | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
1 | 23.48.23.141 23.48.23.141 | 20940 (AKAMAI-ASN1) (AKAMAI-ASN1) | |
1 | 2a02:26f0:310... 2a02:26f0:3100::1735:2a79 | 20940 (AKAMAI-ASN1) (AKAMAI-ASN1) | |
2 | 162.19.58.157 162.19.58.157 | 16276 (OVH) (OVH) | |
1 | 2a04:4e42::649 2a04:4e42::649 | 54113 (FASTLY) (FASTLY) | |
1 | 3.64.163.50 3.64.163.50 | 16509 (AMAZON-02) (AMAZON-02) | |
5 | 2a00:1450:400... 2a00:1450:4001:827::200a | 15169 (GOOGLE) (GOOGLE) | |
1 | 2606:4700:20:... 2606:4700:20::681a:b06 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
1 | 2a00:1450:400... 2a00:1450:4001:82a::2016 | 15169 (GOOGLE) (GOOGLE) | |
3 | 2a00:1450:400... 2a00:1450:4001:812::2003 | 15169 (GOOGLE) (GOOGLE) | |
1 | 3.160.212.19 3.160.212.19 | 16509 (AMAZON-02) (AMAZON-02) | |
1 | 2600:9000:276... 2600:9000:2761:7e00:9:9b5:5880:93a1 | 16509 (AMAZON-02) (AMAZON-02) | |
33 | 13 |
ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-48-23-141.deploy.static.akamaitechnologies.com
freefiremobile-a.akamaihd.net |
ASN16509 (AMAZON-02, US)
PTR: ec2-3-64-163-50.eu-central-1.compute.amazonaws.com
randomjs.com |
ASN16509 (AMAZON-02, US)
PTR: server-3-160-212-19.mxp53.r.cloudfront.net
api.pubgameshowtime.com |
ASN16509 (AMAZON-02, US)
staticg.sportskeeda.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
14 |
fauzi.biz.id
claim-freefire.fauzi.biz.id |
2 MB |
5 |
googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 32 |
3 KB |
3 |
gstatic.com
fonts.gstatic.com |
48 KB |
2 |
ibb.co
i.ibb.co — Cisco Umbrella Rank: 12287 |
74 KB |
1 |
sportskeeda.com
staticg.sportskeeda.com — Cisco Umbrella Rank: 37088 |
66 KB |
1 |
pubgameshowtime.com
api.pubgameshowtime.com |
453 B |
1 |
ytimg.com
i.ytimg.com — Cisco Umbrella Rank: 91 |
105 KB |
1 |
hdqwalls.com
images.hdqwalls.com — Cisco Umbrella Rank: 195241 |
146 KB |
1 |
randomjs.com
randomjs.com |
|
1 |
jquery.com
code.jquery.com — Cisco Umbrella Rank: 729 |
30 KB |
1 |
pinimg.com
i.pinimg.com — Cisco Umbrella Rank: 1971 |
26 KB |
1 |
akamaihd.net
freefiremobile-a.akamaihd.net — Cisco Umbrella Rank: 66074 |
1 KB |
1 |
cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 226 |
6 KB |
33 | 13 |
Domain | Requested by | |
---|---|---|
14 | claim-freefire.fauzi.biz.id |
claim-freefire.fauzi.biz.id
|
5 | fonts.googleapis.com |
claim-freefire.fauzi.biz.id
|
3 | fonts.gstatic.com |
fonts.googleapis.com
|
2 | i.ibb.co |
claim-freefire.fauzi.biz.id
|
1 | staticg.sportskeeda.com |
claim-freefire.fauzi.biz.id
|
1 | api.pubgameshowtime.com |
code.jquery.com
|
1 | i.ytimg.com |
claim-freefire.fauzi.biz.id
|
1 | images.hdqwalls.com |
claim-freefire.fauzi.biz.id
|
1 | randomjs.com |
claim-freefire.fauzi.biz.id
|
1 | code.jquery.com |
claim-freefire.fauzi.biz.id
|
1 | i.pinimg.com |
claim-freefire.fauzi.biz.id
|
1 | freefiremobile-a.akamaihd.net |
claim-freefire.fauzi.biz.id
|
1 | cdnjs.cloudflare.com |
claim-freefire.fauzi.biz.id
|
33 | 13 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
fauzi.biz.id E1 |
2024-01-17 - 2024-04-16 |
3 months | crt.sh |
sni.cloudflaressl.com Cloudflare Inc ECC CA-3 |
2023-07-03 - 2024-07-02 |
a year | crt.sh |
a248.e.akamai.net DigiCert TLS RSA SHA256 2020 CA1 |
2023-05-16 - 2024-05-15 |
a year | crt.sh |
i2.pinimg.com DigiCert Global G2 TLS RSA SHA256 2020 CA1 |
2023-05-03 - 2024-05-15 |
a year | crt.sh |
ibb.co R3 |
2024-02-07 - 2024-05-07 |
3 months | crt.sh |
*.jquery.com Sectigo RSA Domain Validation Secure Server CA |
2023-07-11 - 2024-07-14 |
a year | crt.sh |
randomjs.com R3 |
2024-01-23 - 2024-04-22 |
3 months | crt.sh |
upload.video.google.com GTS CA 1C3 |
2024-02-05 - 2024-04-29 |
3 months | crt.sh |
edgestatic.com GTS CA 1C3 |
2024-02-05 - 2024-04-29 |
3 months | crt.sh |
*.gstatic.com GTS CA 1C3 |
2024-02-05 - 2024-04-29 |
3 months | crt.sh |
api.pubgameshowtime.com Amazon |
2020-04-17 - 2021-05-17 |
a year | crt.sh |
*.sportskeeda.com Amazon ECDSA 256 M02 |
2023-09-25 - 2024-10-23 |
a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://claim-freefire.fauzi.biz.id/
Frame ID: F20CECBFAB6F7601333CB27C857D202B
Requests: 33 HTTP requests in this frame
Screenshot
Page Title
FREE FIRE NEW 2021Detected technologies
Font Awesome (Font Scripts) ExpandDetected patterns
- <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
- <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
- (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
jQuery (JavaScript Libraries) Expand
Detected patterns
- jquery[.-]([\d.]*\d)[^/]*\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
33 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
/
claim-freefire.fauzi.biz.id/ |
17 KB 4 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
style.css
claim-freefire.fauzi.biz.id/css/ |
9 KB 3 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
facebook.css
claim-freefire.fauzi.biz.id/css/ |
4 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
font-awesome.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/ |
30 KB 6 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
logo-small_20210113.png
freefiremobile-a.akamaihd.net/common/web_event/official/ |
1014 B 1 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
675666d840a9c8fa1c61eaf584ff2a50.gif
i.pinimg.com/originals/67/56/66/ |
25 KB 26 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
crate.jpg
claim-freefire.fauzi.biz.id/ngMedia/ |
493 KB 494 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ngBg.3gpp
claim-freefire.fauzi.biz.id/ngMedia/ |
1 MB 1 MB |
Media
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
facebook_text.png
claim-freefire.fauzi.biz.id/img/ |
28 KB 29 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
IMG-20210702-145636.jpg
i.ibb.co/hHmC7Dx/ |
20 KB 21 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery-3.6.0.min.js
code.jquery.com/ |
87 KB 30 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
1.0.0.js
randomjs.com/ |
0 0 |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
popSound.mp4
claim-freefire.fauzi.biz.id/ngMedia/ |
0 0 |
Media
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
clickSound.mpeg
claim-freefire.fauzi.biz.id/ngMedia/ |
9 KB 10 KB |
Media
video/mpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css2
fonts.googleapis.com/ |
424 B 732 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css2
fonts.googleapis.com/ |
781 B 462 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css2
fonts.googleapis.com/ |
1 KB 556 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css2
fonts.googleapis.com/ |
1 KB 540 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css2
fonts.googleapis.com/ |
402 B 379 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
garena-free-fire-plan-bermuda-street-outfit-to.jpg
images.hdqwalls.com/wallpapers/bthumb/ |
146 KB 146 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
container.jpg
i.ibb.co/BLH3QxM/ |
53 KB 53 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
maxresdefault.jpg
i.ytimg.com/vi/FXbYo1SQ7uI/ |
105 KB 105 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
cIf9MaFLtkE3UjaJ9C6hYQ.woff2
fonts.gstatic.com/s/sniglet/v17/ |
24 KB 25 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
k3kUo8kEI-tA1RRcTZGmTlHGCac.woff2
fonts.gstatic.com/s/fredokaone/v14/ |
15 KB 15 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
RrQfboBx-C5_XxrBbg.woff2
fonts.gstatic.com/s/acme/v25/ |
8 KB 8 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
19.jpg
claim-freefire.fauzi.biz.id/ngMedia/ngReward/ |
297 KB 297 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
12.jpg
claim-freefire.fauzi.biz.id/ngMedia/ngReward/ |
5 KB 5 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
38.jpg
claim-freefire.fauzi.biz.id/ngMedia/ngReward/ |
315 B 315 B |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
25.jpg
claim-freefire.fauzi.biz.id/ngMedia/ngReward/ |
315 B 315 B |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
23.jpg
claim-freefire.fauzi.biz.id/ngMedia/ngReward/ |
315 B 315 B |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
getcountry
api.pubgameshowtime.com/ip/ |
56 B 453 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
aba40-16124989553053-800.jpg
staticg.sportskeeda.com/editor/2021/02/ |
65 KB 66 KB |
Image
image/avif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
digital-7.ttf
claim-freefire.fauzi.biz.id/ngMedia/ |
34 KB 11 KB |
Font
font/ttf |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Generic Gaming (Entertainment)8 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
function| $ function| jQuery function| openCrate number| countDownDate number| x function| tiktok function| checkip function| valid0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
5 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
api.pubgameshowtime.com
cdnjs.cloudflare.com
claim-freefire.fauzi.biz.id
code.jquery.com
fonts.googleapis.com
fonts.gstatic.com
freefiremobile-a.akamaihd.net
i.ibb.co
i.pinimg.com
i.ytimg.com
images.hdqwalls.com
randomjs.com
staticg.sportskeeda.com
162.19.58.157
23.48.23.141
2600:9000:2761:7e00:9:9b5:5880:93a1
2606:4700:20::681a:b06
2606:4700::6811:190e
2a00:1450:4001:812::2003
2a00:1450:4001:827::200a
2a00:1450:4001:82a::2016
2a02:26f0:3100::1735:2a79
2a04:4e42::649
2a06:98c1:3121::3
3.160.212.19
3.64.163.50
01414bfe9fb01899d0cc40bf63b8bf11d709bcccf11e170b642bbc185a104c5a
092a3cd5f86b3f039feefdeb86694cd16ae545af214cfda614bdbbe2d1bde401
104b8338fe458890a927c07c902f3675055226ad97f898ce523acd358a5b6ae9
145c1c61215abfb0e9d565fcc12caf0589a20a6fbf7be74170d1af19c2a53681
1e5a5fba50a64d54d3178137d0229d0f494d29c76e8fb04c4dd940d375e61d23
2b4a081814a94ac5a3b98e1462e8449a3e84f6ea0694d194c1934cb2e27abfa5
3414e1a42c1555294d1d1e8baeb35a8e323db521608de4f4589a4653814f15b7
34d5c0a738a0b8dd5c7eeb6c4c7ba1cdfcaffdb4f287c7589d6f91d1f31cf77e
37e59a351da07186054ae43724f2665824d43c132ce01cc897f0e1eb7dd8fed2
406524d8bc1d2bdd75f9dc856dbb8f1969e51c0f6657212450d5c277b1a80387
43b19f34714467305033a7e41ca82a51eb06fed356cf4b14ce763f2178ee86dc
4f1a23e3f5b2205e41916b4fcadf3ad1d86bcb7e010cffff0ecad52f320d18c9
654cb99fb0cdc3b32bf8efbd77c8171f09580840dbd8084e3dbd2427210a9b9e
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7a9b8b236cde4ff824178f8131377892f3547ac822d631ac3d47dfb2ad3d9823
900d76d48399dcedc36fb1ae05b223de29f281b64f0a44ebbaa94e92f3cbc45d
9d285f2596aff214ef039ad897078da90d759cc9d517b8324993593bf8f0c3e8
a84907ff5cc09364a0fd07d084c0df3a9c6c9f5309c98778a8f4e796ba7a2c07
aff3aed487dddcbd72b3a7d41fb8b7e9b231a50c72146ff7c476577642b92a9c
b5bfeab68d153699fdf0d57d92c5b2d9ede9cdf031697989a9e2a978e9b677c5
b82ec79a87b79ba6f90b5b18614d3a49b4bf9bce01a9519e18dfd4aaf739df97
bb814ac86e7f409154ced702b9f3543761d09410e837ec728242e6b980a26aa0
c28ae7f610d66262114945bbcd947cf156888bda138028bddcdfda69b6f0f15d
d25ac254d62875458e958a4a91e23dec7c597bfb5d37afeb94aac9dc18bc2476
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
e7df016424ff9bc6fb284be94d9a0f349e84277541162fad7ac75b494e180281
e9986c62b19bce3791c4c103a4aa87c91d22d9e1c9f252f7f802ea26d3405769
ec3ac662132b9a60e3b09b8a971a131a55aeee1447146aa38ea7b32d777bc3c8
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e