dichvugiupviecnha.com.vn Open in urlscan Pro
2606:4700:30::6818:610d Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://estereolavozdelalfarero.org/orio/?ac=on&ea=YWxleGlzLnVscmljaEB1dGFoLmVkdQ==
Effective URL:
https://dichvugiupviecnha.com.vn/control/umail.html
Submission: On November 07 via manual (November 7th 2019, 11:32:11 pm UTC) from US

Summary HTTP 15 Redirects Links 7 Behaviour Indicators

Summary

This website contacted 2 IPs in 1 countries across 3 domains to perform 15 HTTP transactions. The main IP is 2606:4700:30::6818:610d, located in United States and belongs to CLOUDFLARENET - Cloudflare, Inc., US. The main domain is dichvugiupviecnha.com.vn.
TLS certificate: Issued by CloudFlare Inc ECC CA-2 on October 11th 2019. Valid for: a year.

This is the only time dichvugiupviecnha.com.vn was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: US Universities (Education)

Domain & IP information

	IP Address	AS Autonomous System
1 1	107.189.162.104 107.189.162.104	53755 (IOFLOOD) (IOFLOOD - Input Output Flood LLC)
11	2606:4700:30:... 2606:4700:30::6818:610d	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
4	155.97.137.30 155.97.137.30	17055 (UTAH) (UTAH - University of Utah)
15	2

1 107.189.162.104 (Phoenix, United States) 1 redirects

ASN53755 (IOFLOOD - Input Output Flood LLC, US)
PTR: we.love.servers.at.ioflood.net

estereolavozdelalfarero.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2606:4700:30::6818:610d (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

dichvugiupviecnha.com.vn	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 155.97.137.30 (Salt Lake City, United States)

ASN17055 (UTAH - University of Utah, US)
PTR: autodiscover.ad.utah.edu

www.umail.utah.edu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
11	dichvugiupviecnha.com.vn dichvugiupviecnha.com.vn	62 KB
4	utah.edu www.umail.utah.edu	2 KB
1	estereolavozdelalfarero.org 1 redirects estereolavozdelalfarero.org	310 B
15	3

	Domain	Requested by
11	dichvugiupviecnha.com.vn	dichvugiupviecnha.com.vn
4	www.umail.utah.edu	dichvugiupviecnha.com.vn
1	estereolavozdelalfarero.org	1 redirects
15	3

This site contains links to these domains. Also see Links.

Domain
uofu.service-now.com
webtools.umail.utah.edu
office.com
www.it.utah.edu
www.utah.edu

Subject Issuer	Validity	Valid
sni.cloudflaressl.com CloudFlare Inc ECC CA-2	`2019-10-11` - `2020-10-09`	a year	crt.sh
www.umail.utah.edu InCommon RSA Server CA	`2018-11-16` - `2020-11-15`	2 years	crt.sh

This page contains 1 frames:

Primary Page: https://dichvugiupviecnha.com.vn/control/umail.html
Frame ID: ABC74B94D6A98890F02E00068B8D92E1
Requests: 15 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://estereolavozdelalfarero.org/orio/?ac=on&ea=YWxleGlzLnVscmljaEB1dGFoLmVkdQ== HTTP 302
https://dichvugiupviecnha.com.vn/control/umail.html Page URL

Detected technologies

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Page Statistics

15
Requests

100 %
HTTPS

33 %
IPv6

3
Domains

3
Subdomains

2
IPs

1
Countries

64 kB
Transfer

153 kB
Size

2
Cookies

7 Outgoing links

These are links going to different origins than the main page.

URL: https://uofu.service-now.com/it?id=uu_kb_article&sys_id=cbc3f8ae13fceec0ae6d53228144b075
Title: UMail Help

Search URL Search Domain Scan URL

URL: https://webtools.umail.utah.edu/
Title: WebTools

Search URL Search Domain Scan URL

URL: https://office.com/redir/HA102824601.aspx
Title: click here.

Search URL Search Domain Scan URL

URL: http://www.it.utah.edu/
Title: University Information Technology

Search URL Search Domain Scan URL

URL: http://www.utah.edu/
Title: The University of Utah

Search URL Search Domain Scan URL

URL: http://www.utah.edu/disclaimer/index.html
Title: Disclaimer

Search URL Search Domain Scan URL

URL: http://www.utah.edu/privacy/
Title: Privacy

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://estereolavozdelalfarero.org/orio/?ac=on&ea=YWxleGlzLnVscmljaEB1dGFoLmVkdQ== HTTP 302
https://dichvugiupviecnha.com.vn/control/umail.html Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

15 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request umail.html Show response
dichvugiupviecnha.com.vn/control/
Redirect Chain

https://estereolavozdelalfarero.org/orio/?ac=on&ea=YWxleGlzLnVscmljaEB1dGFoLmVkdQ==
https://dichvugiupviecnha.com.vn/control/umail.html

68 KB
27 KB

699ms
619ms

Document
text/html

2606:4700:30::6818:610d
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://dichvugiupviecnha.com.vn/control/umail.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:30::6818:610d , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare / WP Rocket/2.11.3
Resource Hash: eeaf2e3321194dea1716f0e11e4417f2f52922427dcdb1e0b6731cf4c07207d6

Request headers

:method: GET
:authority: dichvugiupviecnha.com.vn
:scheme: https
:path: /control/umail.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36
sec-fetch-mode: navigate
sec-fetch-user: ?1
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: none
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1

Response headers

status: 200
date: Thu, 07 Nov 2019 23:31:54 GMT
content-type: text/html; charset=UTF-8
set-cookie: __cfduid=d4862506b30af0fde413c37ffa8d92a351573169514; expires=Fri, 06-Nov-20 23:31:54 GMT; path=/; domain=.dichvugiupviecnha.com.vn; HttpOnly
cache-control: public, max-age=0,public
expires: Thu, 07 Nov 2019 23:31:54 GMT
vary: Accept-Encoding,Accept-Encoding
x-powered-by: WP Rocket/2.11.3
x-turbo-charged-by: LiteSpeed
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 53231a77fddecb9c-VIE
content-encoding: br

Redirect headers

Date: Thu, 07 Nov 2019 23:31:53 GMT
Server: Apache
location: https://dichvugiupviecnha.com.vn/control/umail.html
Vary: Accept-Encoding
Content-Encoding: br
Content-Length: 1
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

GET
H2 200 logon.css
dichvugiupviecnha.com.vn/control/Outlook_files/ 3 KB
1 KB 474ms
471ms Stylesheet
text/css 2606:4700:30::6818:610d
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://dichvugiupviecnha.com.vn/control/Outlook_files/logon.css
Requested by: Host: dichvugiupviecnha.com.vn
URL: https://dichvugiupviecnha.com.vn/control/umail.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:30::6818:610d , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 274b77b93608275e8123b31b8a550a954d0dd1cce35449fc0c5bb4293d95d951

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://dichvugiupviecnha.com.vn/control/umail.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

date: Thu, 07 Nov 2019 23:31:55 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 07 Nov 2019 21:07:16 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,Accept-Encoding
content-type: text/css; charset=UTF-8
status: 200
cache-control: public, max-age=31536000
x-turbo-charged-by: LiteSpeed
cf-ray: 53231a7c8979cb9c-VIE
expires: Fri, 06 Nov 2020 23:31:54 GMT

GET
H2 200 owafont.css
dichvugiupviecnha.com.vn/control/Outlook_files/ 5 KB
2 KB 490ms
488ms Stylesheet
text/css 2606:4700:30::6818:610d
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://dichvugiupviecnha.com.vn/control/Outlook_files/owafont.css
Requested by: Host: dichvugiupviecnha.com.vn
URL: https://dichvugiupviecnha.com.vn/control/umail.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:30::6818:610d , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5a8a50bbfec3340a13879de71a5dbe889eca252ac9cfb523c6cea94f05b7b673

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://dichvugiupviecnha.com.vn/control/umail.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

date: Thu, 07 Nov 2019 23:31:55 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 07 Nov 2019 20:37:40 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,Accept-Encoding
content-type: text/css; charset=UTF-8
status: 200
cache-control: public, max-age=31536000
x-turbo-charged-by: LiteSpeed
cf-ray: 53231a7c897dcb9c-VIE
expires: Fri, 06 Nov 2020 23:31:55 GMT

GET
H2 200 flogon.js Show response
dichvugiupviecnha.com.vn/control/Outlook_files/ 4 KB
2 KB 470ms
468ms Script
application/javascript 2606:4700:30::6818:610d
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://dichvugiupviecnha.com.vn/control/Outlook_files/flogon.js
Requested by: Host: dichvugiupviecnha.com.vn
URL: https://dichvugiupviecnha.com.vn/control/umail.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:30::6818:610d , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 215d250a6028db2afb14ba5028f23493f042cee6fdd59f59e4deb10fd63b1060

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://dichvugiupviecnha.com.vn/control/umail.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

date: Thu, 07 Nov 2019 23:31:55 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 07 Nov 2019 20:37:40 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,Accept-Encoding
content-type: application/javascript
status: 200
cache-control: public, max-age=31536000
x-turbo-charged-by: LiteSpeed
cf-ray: 53231a7c8980cb9c-VIE
expires: Fri, 06 Nov 2020 23:31:54 GMT

GET
H2 200 lgntopl.gif
dichvugiupviecnha.com.vn/control/Outlook_files/ 9 KB
9 KB 490ms
488ms Image
image/gif 2606:4700:30::6818:610d
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dichvugiupviecnha.com.vn/control/Outlook_files/lgntopl.gif
Requested by: Host: dichvugiupviecnha.com.vn
URL: https://dichvugiupviecnha.com.vn/control/umail.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:30::6818:610d , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: d9a847e157c07d64faa94862f40d5800f57f20addd3cf0d9fbf28fb06ea285d1

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://dichvugiupviecnha.com.vn/control/umail.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

date: Thu, 07 Nov 2019 23:31:55 GMT
cf-cache-status: MISS
last-modified: Thu, 07 Nov 2019 20:37:42 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/gif
status: 200
cache-control: public, max-age=2592000
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 53231a7c8981cb9c-VIE
content-length: 9475
expires: Sat, 07 Dec 2019 23:31:55 GMT

GET
H2 200 lgntopr.gif
dichvugiupviecnha.com.vn/control/Outlook_files/ 738 B
889 B 471ms
470ms Image
image/gif 2606:4700:30::6818:610d
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dichvugiupviecnha.com.vn/control/Outlook_files/lgntopr.gif
Requested by: Host: dichvugiupviecnha.com.vn
URL: https://dichvugiupviecnha.com.vn/control/umail.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:30::6818:610d , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 082ec41ad08138ac984a5b04a99595c8b08b727d5c5582cdf8dd8409bac9f4a1

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://dichvugiupviecnha.com.vn/control/umail.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

date: Thu, 07 Nov 2019 23:31:55 GMT
cf-cache-status: MISS
last-modified: Thu, 07 Nov 2019 20:37:42 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/gif
status: 200
cache-control: public, max-age=2592000
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 53231a7c8983cb9c-VIE
content-length: 738
expires: Sat, 07 Dec 2019 23:31:54 GMT

GET
H2 200 lgnexlogo.gif
dichvugiupviecnha.com.vn/control/Outlook_files/ 6 KB
6 KB 489ms
489ms Image
image/gif 2606:4700:30::6818:610d
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dichvugiupviecnha.com.vn/control/Outlook_files/lgnexlogo.gif
Requested by: Host: dichvugiupviecnha.com.vn
URL: https://dichvugiupviecnha.com.vn/control/umail.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:30::6818:610d , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3c11c3147a6748095b23c5c6919d43670137a99b36a2832d5a26ce3ffd02742e

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://dichvugiupviecnha.com.vn/control/umail.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

date: Thu, 07 Nov 2019 23:31:55 GMT
cf-cache-status: MISS
last-modified: Thu, 07 Nov 2019 20:37:42 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/gif
status: 200
cache-control: public, max-age=2592000
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 53231a7f9bddcb9c-VIE
content-length: 6301
expires: Sat, 07 Dec 2019 23:31:55 GMT

GET
H2 200 lgnbotl.gif
dichvugiupviecnha.com.vn/control/Outlook_files/ 180 B
241 B 469ms
469ms Image
image/gif 2606:4700:30::6818:610d
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dichvugiupviecnha.com.vn/control/Outlook_files/lgnbotl.gif
Requested by: Host: dichvugiupviecnha.com.vn
URL: https://dichvugiupviecnha.com.vn/control/umail.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:30::6818:610d , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: d43b54099a9b1b387857da97e98ec0e3fb06c1476e17cd1839f1e87da5da7f9f

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://dichvugiupviecnha.com.vn/control/umail.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

date: Thu, 07 Nov 2019 23:31:55 GMT
cf-cache-status: MISS
last-modified: Thu, 07 Nov 2019 20:37:42 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/gif
status: 200
cache-control: public, max-age=2592000
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 53231a7fabe4cb9c-VIE
content-length: 180
expires: Sat, 07 Dec 2019 23:31:55 GMT

GET
H2 200 lgnbotr.gif
dichvugiupviecnha.com.vn/control/Outlook_files/ 76 B
137 B 482ms
482ms Image
image/gif 2606:4700:30::6818:610d
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dichvugiupviecnha.com.vn/control/Outlook_files/lgnbotr.gif
Requested by: Host: dichvugiupviecnha.com.vn
URL: https://dichvugiupviecnha.com.vn/control/umail.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:30::6818:610d , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 68735edb4b81bf80b20746699995d801b7d98941ed3a6e9eebe931fea734a6a3

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://dichvugiupviecnha.com.vn/control/umail.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

date: Thu, 07 Nov 2019 23:31:55 GMT
cf-cache-status: MISS
last-modified: Thu, 07 Nov 2019 20:37:42 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/gif
status: 200
cache-control: public, max-age=2592000
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 53231a7fabe5cb9c-VIE
content-length: 76
expires: Sat, 07 Dec 2019 23:31:55 GMT

GET
H2 200 email-decode.min.js Show response
dichvugiupviecnha.com.vn/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
816 B 15ms
13ms Script
application/javascript 2606:4700:30::6818:610d
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://dichvugiupviecnha.com.vn/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: dichvugiupviecnha.com.vn
URL: https://dichvugiupviecnha.com.vn/control/umail.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:30::6818:610d , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://dichvugiupviecnha.com.vn/control/umail.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

date: Thu, 07 Nov 2019 23:31:55 GMT
content-encoding: gzip
vary: Accept-Encoding
last-modified: Mon, 04 Nov 2019 17:30:49 GMT
server: cloudflare
etag: W/"5dc06049-4d7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: application/javascript
status: 200
cache-control: max-age=172800, public
cf-ray: 53231a7f9bdbcb9c-VIE
expires: Sat, 09 Nov 2019 23:31:55 GMT

GET
H/1.1 200
OK page-bg.gif
www.umail.utah.edu/owa/auth/2010resources/ 47 B
532 B 786ms
130ms Image
image/gif 155.97.137.30
University of Utah

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.umail.utah.edu/owa/auth/2010resources/page-bg.gif
Requested by: Host: dichvugiupviecnha.com.vn
URL: https://dichvugiupviecnha.com.vn/control/umail.html
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_CBC
Server: 155.97.137.30 Salt Lake City, United States, ASN17055 (UTAH - University of Utah, US),
Reverse DNS: autodiscover.ad.utah.edu
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: bab4372565d9faf99e6aec22c54a095d5ced7d47e7a946692e9ae3b5e6d83ce2

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://dichvugiupviecnha.com.vn/control/Outlook_files/logon.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

request-id: f8467fb3-d607-4ee6-a336-692f4b4b595a
Date: Thu, 07 Nov 2019 23:31:56 GMT
Last-Modified: Thu, 15 Sep 2011 17:18:54 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
ETag: "f2b0968bcb73cc1:0"
Content-Type: image/gif
Cache-Control: public,max-age=2592000
Accept-Ranges: bytes
Content-Length: 47

GET
H/1.1 200
OK lgntopm.gif
www.umail.utah.edu/owa/auth/2010resources/ 106 B
592 B 786ms
131ms Image
image/gif 155.97.137.30
University of Utah

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.umail.utah.edu/owa/auth/2010resources/lgntopm.gif
Requested by: Host: dichvugiupviecnha.com.vn
URL: https://dichvugiupviecnha.com.vn/control/umail.html
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_CBC
Server: 155.97.137.30 Salt Lake City, United States, ASN17055 (UTAH - University of Utah, US),
Reverse DNS: autodiscover.ad.utah.edu
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: ed23f689ffcf93ebfe3923e832ae3106fca4d7583a98ea365f4f7cc6d01efc4c

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://dichvugiupviecnha.com.vn/control/umail.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

request-id: 26485dcc-0477-4f99-8e3d-a00f9e7c86d8
Date: Thu, 07 Nov 2019 23:31:56 GMT
Last-Modified: Thu, 15 Sep 2011 17:18:52 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
ETag: "12948a8acb73cc1:0"
Content-Type: image/gif
Cache-Control: public,max-age=2592000
Accept-Ranges: bytes
Content-Length: 106

GET
H/1.1 200
OK lgnleft.gif
www.umail.utah.edu/owa/auth/2010resources/ 98 B
583 B 786ms
130ms Image
image/gif 155.97.137.30
University of Utah

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.umail.utah.edu/owa/auth/2010resources/lgnleft.gif
Requested by: Host: dichvugiupviecnha.com.vn
URL: https://dichvugiupviecnha.com.vn/control/umail.html
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_CBC
Server: 155.97.137.30 Salt Lake City, United States, ASN17055 (UTAH - University of Utah, US),
Reverse DNS: autodiscover.ad.utah.edu
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: c70c99a71a2e86e6ed28d893bf3df3ef9b0ce9d7a6164d8f5d0e144f3aa5a200

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://dichvugiupviecnha.com.vn/control/umail.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

request-id: 829d5f58-c283-4154-bf8b-2664e09b4578
Date: Thu, 07 Nov 2019 23:31:56 GMT
Last-Modified: Thu, 15 Sep 2011 17:18:52 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
ETag: "788c688acb73cc1:0"
Content-Type: image/gif
Cache-Control: public,max-age=2592000
Accept-Ranges: bytes
Content-Length: 98

GET
H/1.1 200
OK lgnbotm.gif
www.umail.utah.edu/owa/auth/2010resources/ 47 B
532 B 784ms
131ms Image
image/gif 155.97.137.30
University of Utah

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.umail.utah.edu/owa/auth/2010resources/lgnbotm.gif
Requested by: Host: dichvugiupviecnha.com.vn
URL: https://dichvugiupviecnha.com.vn/control/umail.html
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_CBC
Server: 155.97.137.30 Salt Lake City, United States, ASN17055 (UTAH - University of Utah, US),
Reverse DNS: autodiscover.ad.utah.edu
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: a1dab94cdd8a03235c8a0f3ec4b2d2bac3180dcfb6507abc49f12055779441e8

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://dichvugiupviecnha.com.vn/control/umail.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

request-id: dee57dad-ebdd-4f75-8da1-f8361a01a19d
Date: Thu, 07 Nov 2019 23:31:56 GMT
Last-Modified: Thu, 15 Sep 2011 17:18:52 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
ETag: "9cb8408acb73cc1:0"
Content-Type: image/gif
Cache-Control: public,max-age=2592000
Accept-Ranges: bytes
Content-Length: 47

POST
H2 404 clm10 Show response
dichvugiupviecnha.com.vn/ 54 KB
13 KB 1033ms
1032ms XHR
text/html 2606:4700:30::6818:610d
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://dichvugiupviecnha.com.vn/clm10
Requested by: Host: dichvugiupviecnha.com.vn
URL: https://dichvugiupviecnha.com.vn/control/umail.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:30::6818:610d , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: f8ad9656b5c7176d247384fb3138ce1455e0b66255656c4d6d08b2f36723f1da

Request headers

Sec-Fetch-Mode: cors
Referer: https://dichvugiupviecnha.com.vn/control/umail.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Thu, 07 Nov 2019 23:31:57 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,Accept-Encoding
content-type: text/html; charset=UTF-8
status: 404
cache-control: no-cache, must-revalidate, max-age=0
x-turbo-charged-by: LiteSpeed
cf-ray: 53231a849f6fcb9c-VIE
link: <https://dichvugiupviecnha.com.vn/wp-json/>; rel="https://api.w.org/"
expires: Wed, 11 Jan 1984 05:00:00 GMT

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: US Universities (Education)

36 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.dichvugiupviecnha.com.vn/	1970-01-19 13:45:05	Name: __cfduid Value: d4862506b30af0fde413c37ffa8d92a351573169514
			dichvugiupviecnha.com.vn/control	1969-12-31 23:59:59	Name: cookieTest Value: 1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

dichvugiupviecnha.com.vn
estereolavozdelalfarero.org
www.umail.utah.edu
107.189.162.104
155.97.137.30
2606:4700:30::6818:610d
082ec41ad08138ac984a5b04a99595c8b08b727d5c5582cdf8dd8409bac9f4a1
215d250a6028db2afb14ba5028f23493f042cee6fdd59f59e4deb10fd63b1060
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
274b77b93608275e8123b31b8a550a954d0dd1cce35449fc0c5bb4293d95d951
3c11c3147a6748095b23c5c6919d43670137a99b36a2832d5a26ce3ffd02742e
5a8a50bbfec3340a13879de71a5dbe889eca252ac9cfb523c6cea94f05b7b673
68735edb4b81bf80b20746699995d801b7d98941ed3a6e9eebe931fea734a6a3
a1dab94cdd8a03235c8a0f3ec4b2d2bac3180dcfb6507abc49f12055779441e8
bab4372565d9faf99e6aec22c54a095d5ced7d47e7a946692e9ae3b5e6d83ce2
c70c99a71a2e86e6ed28d893bf3df3ef9b0ce9d7a6164d8f5d0e144f3aa5a200
d43b54099a9b1b387857da97e98ec0e3fb06c1476e17cd1839f1e87da5da7f9f
d9a847e157c07d64faa94862f40d5800f57f20addd3cf0d9fbf28fb06ea285d1
ed23f689ffcf93ebfe3923e832ae3106fca4d7583a98ea365f4f7cc6d01efc4c
eeaf2e3321194dea1716f0e11e4417f2f52922427dcdb1e0b6731cf4c07207d6
f8ad9656b5c7176d247384fb3138ce1455e0b66255656c4d6d08b2f36723f1da

dichvugiupviecnha.com.vn Open in urlscan Pro 2606:4700:30::6818:610d Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

15 Requests

100 %HTTPS

33 %IPv6

3 Domains

3 Subdomains

2 IPs

1 Countries

64 kBTransfer

153 kBSize

2 Cookies

7 Outgoing links

Page URL History

Redirected requests

15 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

36 JavaScript Global Variables

2 Cookies

Indicators

dichvugiupviecnha.com.vn Open in urlscan Pro
2606:4700:30::6818:610d Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

15
Requests

100 %
HTTPS

33 %
IPv6

3
Domains

3
Subdomains

2
IPs

1
Countries

64 kB
Transfer

153 kB
Size

2
Cookies

15 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!