luongynhiem.com
Open in
urlscan Pro
103.27.62.57
Malicious Activity!
Public Scan
Submission: On March 19 via automatic, source openphish
Summary
This is the only time luongynhiem.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Amazon (Online)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 | 103.27.62.57 103.27.62.57 | 56150 (VHOST-AS-...) (VHOST-AS-VN Viet Solutions Services Trading Company Limited) | |
4 | 99.84.6.145 99.84.6.145 | 16509 (AMAZON-02) (AMAZON-02 - Amazon.com) | |
1 | 2a00:1450:400... 2a00:1450:4001:81f::200a | 15169 (GOOGLE) (GOOGLE - Google LLC) | |
1 | 54.192.201.69 54.192.201.69 | 16509 (AMAZON-02) (AMAZON-02 - Amazon.com) | |
7 | 4 |
ASN56150 (VHOST-AS-VN Viet Solutions Services Trading Company Limited, VN)
luongynhiem.com |
ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-99-84-6-145.lhr62.r.cloudfront.net
images-na.ssl-images-amazon.com |
ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-54-192-201-69.fra50.r.cloudfront.net
m.media-amazon.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
4 |
ssl-images-amazon.com
images-na.ssl-images-amazon.com |
34 KB |
1 |
media-amazon.com
m.media-amazon.com |
26 KB |
1 |
googleapis.com
ajax.googleapis.com |
33 KB |
1 |
luongynhiem.com
luongynhiem.com |
3 KB |
7 | 4 |
Domain | Requested by | |
---|---|---|
4 | images-na.ssl-images-amazon.com |
luongynhiem.com
|
1 | m.media-amazon.com |
ajax.googleapis.com
|
1 | ajax.googleapis.com |
luongynhiem.com
|
1 | luongynhiem.com | |
7 | 4 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
Images-na.ssl-images-amazon.com DigiCert Global CA G2 |
2019-02-21 - 2019-07-19 |
5 months | crt.sh |
*.googleapis.com Google Internet Authority G3 |
2019-03-01 - 2019-05-24 |
3 months | crt.sh |
This page contains 1 frames:
Primary Page:
http://luongynhiem.com/Amazon/SignIn/phone.php
Frame ID: 184B2135D9B45CCEE0C3C8735CF6E518
Requests: 7 HTTP requests in this frame
Screenshot
Detected technologies
PHP (Programming Languages) ExpandDetected patterns
- url /\.php(?:$|\?)/i
LiteSpeed (Web Servers) Expand
Detected patterns
- headers server /^LiteSpeed$/i
jQuery (JavaScript Libraries) Expand
Detected patterns
- script /\/([\d.]+)\/jquery(?:\.min)?\.js/i
- script /jquery.*\.js/i
- env /^jQuery$/i
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
7 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
Primary Request
Cookie set
phone.php
luongynhiem.com/Amazon/SignIn/ |
7 KB 3 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
61gbb09bfIL._RC%7C11Fd9tJOdtL.css,21ULbzscqzL.css,31Q3id-QR0L.css,31QszevPBSL.css_.css
images-na.ssl-images-amazon.com/images/I/ |
136 KB 23 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
AuthenticationPortalAssets-60974eab2c51181b770605eaef55c2d69d69613c._V2_.css
images-na.ssl-images-amazon.com/images/G/01/AUIClients/ |
32 KB 7 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
CVFAssets-e91ba5c6e67c58c7f9c4c413fa67697feade389e._V2_.css
images-na.ssl-images-amazon.com/images/G/01/AUIClients/ |
2 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.8.3/ |
91 KB 33 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
sc-unified._CB341165134_.png
images-na.ssl-images-amazon.com/images/G/01/rainier/nav/ |
3 KB 3 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
AmazonUIBaseCSS-sprite_1x-28bd59af93d9b1c745bb0aca4de58763b54df7cf._V2_.png
m.media-amazon.com/images/G/01/AUIClients/ |
26 KB 26 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Amazon (Online)5 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| onselectstart object| onselectionchange function| queueMicrotask function| $ function| jQuery1 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
luongynhiem.com/ | Name: PHPSESSID Value: ml1f4hs6go91ft34q4foencfq6 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
ajax.googleapis.com
images-na.ssl-images-amazon.com
luongynhiem.com
m.media-amazon.com
103.27.62.57
2a00:1450:4001:81f::200a
54.192.201.69
99.84.6.145
35536b9d023b7fd2cb157195c72302421c6857ccf24e19fd072955a93964c12d
61c6caebd23921741fb5ffe6603f16634fca9840c2bf56ac8201e9264d6daccf
6d41af45fc77c0071d323d5b08163fc565dcdd7f94cd22fc0e11cf2e84a9a0ff
ac6c8a640f5b8fea68c8aeaaad4e145c8261be36ba09df844e4121fb69e90cc7
b06058dda50252e2ff430d60f9d799d44e0dbbad47006ea169aa9abd90146459
d7f0c84a144723f16e3e284bc646810e7007f552e7444e8138ce54f616f9975b
e1283c0339d0393ebf45c02a0b34618f572b82eb5dbda366385498ae01413d3d