website.phuyen.edu.vn
42.117.7.113
Malicious Activity!
Public Scan
Submission: On September 10 via automatic, source openphish
Summary
This is the only time website.phuyen.edu.vn was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: NatWest (Banking)

Domain & IP information

Requests | IP Address | AS Autonomous System |
---|---|---|
13 | 42.117.7.113 | 18403 (FPT-AS-AP The Corporation for Financing & Promoting Technology, VN) |

Requests | Apex Domain | Subdomains | Transfer |
---|---|---|---|
13 | phuyen.edu.vn | website.phuyen.edu.vn | 116 KB |

Requests | Domain | Requested by |
---|---|---|
13 | website.phuyen.edu.vn | website.phuyen.edu.vn |

This site contains no links.
This page contains 1 frames:
Primary Page:
http://website.phuyen.edu.vn/natwest.com_nwolb.com_security/SecurityRetry.php
Frame ID: 11024.1
Requests: 13 HTTP requests in this frame
Detected technologies
PHP (Programming Languages)
Detected patterns
- url /\.php(?:$|\?)/i
Windows Server (Operating Systems)
Detected patterns
- headers server /IIS(?:\/([\d.]+))?/i
IIS (Web Servers)
Detected patterns
- headers server /IIS(?:\/([\d.]+))?/i
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
13 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type |
---|---|---|---|---|---|---|---|
GET | H/1.1 | SecurityRetry.php (Primary Request) | website.phuyen.edu.vn/natwest.com_nwolb.com_security/ | 10 KB | 10 KB | Document | text/html |
GET | H/1.1 | main.css | website.phuyen.edu.vn/natwest.com_nwolb.com_security/assets/css/ | 69 KB | 69 KB | Stylesheet | text/css |
GET | H/1.1 | color.css | website.phuyen.edu.vn/natwest.com_nwolb.com_security/assets/css/ | 28 KB | 28 KB | Stylesheet | text/css |
GET | H/1.1 | logo.png | website.phuyen.edu.vn/natwest.com_nwolb.com_security/assets/img/ | 3 KB | 3 KB | Image | image/png |
GET | H/1.1 | error.gif | website.phuyen.edu.vn/natwest.com_nwolb.com_security/assets/img/ | 111 B | 111 B | Image | image/gif |
GET | H/1.1 | reg.woff | website.phuyen.edu.vn/natwest.com_nwolb.com_security/assets/fonts/ | 0 | 0 | Font | text/html |
GET | H/1.1 | white-lock.png | website.phuyen.edu.vn/natwest.com_nwolb.com_security/assets/img/ | 285 B | 285 B | Image | image/png |
GET | H/1.1 | bol.woff | website.phuyen.edu.vn/natwest.com_nwolb.com_security/assets/fonts/ | 0 | 0 | Font | text/html |
GET | H/1.1 | chav-down.gif | website.phuyen.edu.vn/natwest.com_nwolb.com_security/assets/img/ | 843 B | 843 B | Image | image/gif |
GET | H/1.1 | footer-bg.png | website.phuyen.edu.vn/natwest.com_nwolb.com_security/assets/img/ | 4 KB | 4 KB | Image | image/png |
GET | H/1.1 | arr.gif | website.phuyen.edu.vn/natwest.com_nwolb.com_security/assets/img/ | 53 B | 53 B | Image | image/gif |
GET | H/1.1 | reg.ttf | website.phuyen.edu.vn/natwest.com_nwolb.com_security/assets/fonts/ | 0 | 0 | Font | text/html |
GET | H/1.1 | bol.ttf | website.phuyen.edu.vn/natwest.com_nwolb.com_security/assets/fonts/ | 0 | 0 | Font | text/html |
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: NatWest (Banking)
0 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
website.phuyen.edu.vn
42.117.7.113