actioncthanh.cfd Open in urlscan Pro
188.114.96.3 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://actioncthanh.cfd/
Submission Tags: @ecarlesi possiblethreat phishing Search All
Submission: On July 28 via api (July 28th 2024, 6:25:30 am UTC) from IT — Scanned from NL

Summary HTTP 17 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 4 IPs in 3 countries across 3 domains to perform 17 HTTP transactions. The main IP is 188.114.96.3, located in Amsterdam, Netherlands and belongs to CLOUDFLARENET, US. The main domain is actioncthanh.cfd.
TLS certificate: Issued by WE1 on July 28th 2024. Valid for: 3 months.

This is the only time actioncthanh.cfd was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Facebook (Social Network)

Domain & IP information

	IP Address	AS Autonomous System
14	188.114.96.3 188.114.96.3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:82a::200a	15169 (GOOGLE) (GOOGLE)
1	113.171.66.18 113.171.66.18	45899 (VNPT-AS-V...) (VNPT-AS-VN VNPT Corp)
17	4

14 188.114.96.3 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)

actioncthanh.cfd	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

firebasestorage.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 113.171.66.18 (Viet Tri, Viet Nam)

ASN45899 (VNPT-AS-VN VNPT Corp, VN)
PTR: static.vnpt.vn

scontent.fhan4-3.fna.fbcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
14	actioncthanh.cfd actioncthanh.cfd	260 KB
1	fbcdn.net scontent.fhan4-3.fna.fbcdn.net — Cisco Umbrella Rank: 31342	640 B
1	googleapis.com firebasestorage.googleapis.com — Cisco Umbrella Rank: 6369	6 KB
17	3

	Domain	Requested by
14	actioncthanh.cfd	actioncthanh.cfd
1	scontent.fhan4-3.fna.fbcdn.net	actioncthanh.cfd
1	firebasestorage.googleapis.com	actioncthanh.cfd
17	3

This site contains links to these domains. Also see Links.

Domain
about.meta.com
www.facebook.com

Subject Issuer	Validity	Valid
actioncthanh.cfd WE1	`2024-07-28` - `2024-10-26`	3 months	crt.sh
upload.video.google.com WR2	`2024-07-01` - `2024-09-23`	3 months	crt.sh
*.fhan4-3.fna.fbcdn.net DigiCert SHA2 High Assurance Server CA	`2024-06-04` - `2024-09-02`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://actioncthanh.cfd/
Frame ID: FE86A20C2CDFD64F1FE41AA7152DBE2B
Requests: 17 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Meta

Page Statistics

17
Requests

94 %
HTTPS

33 %
IPv6

3
Domains

3
Subdomains

4
IPs

3
Countries

266 kB
Transfer

985 kB
Size

0
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: https://about.meta.com/
Title: About

Search URL Search Domain Scan URL

URL: https://www.facebook.com/careers/
Title: Careers

Search URL Search Domain Scan URL

URL: https://www.facebook.com/help/568137493302217
Title: Ad choices

Search URL Search Domain Scan URL

URL: https://www.facebook.com/policies
Title: Terms & Policies

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

17 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H3	200	Primary Request / Show response actioncthanh.cfd/	17 KB 5 KB	280ms 216ms	Document text/html	188.114.96.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://actioncthanh.cfd/ Protocol H3 Security QUIC, , AES_128_GCM Server 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Next.js Resource Hash `845a30df6290baa441e6f804f32ed0007e9c4534a3204d9175914b329a63e33b` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers alt-svc h3=":443"; ma=86400 cache-control s-maxage=31536000, stale-while-revalidate cf-cache-status DYNAMIC cf-ray 8aa2cab9b89a37f7-FRA content-encoding br content-type text/html; charset=utf-8 date Sun, 28 Jul 2024 06:25:26 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=aCb98h8WmeKA1YST5J9wxeJbAYOvKi3zA9vYnR3rlf0OzYiREe0QdVeh9cZKHcX%2FxLHpki9XmaLCdFFk7ho25Gs5Y2kVHt8CmGCiCblE3druTaesfiyz2kFAw0bRqn%2Fqv5nX"}],"group":"cf-nel","max_age":604800} server cloudflare vary RSC, Next-Router-State-Tree, Next-Router-Prefetch, Next-Url, Accept-Encoding x-nextjs-cache HIT x-powered-by Next.js
GET H3	200	c9a5bc6a7c948fb0-s.p.woff2 actioncthanh.cfd/_next/static/media/	45 KB 46 KB	384ms 383ms	Font font/woff2	188.114.96.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://actioncthanh.cfd/_next/static/media/c9a5bc6a7c948fb0-s.p.woff2 Requested by Host: actioncthanh.cfd URL: https://actioncthanh.cfd/ Protocol H3 Security QUIC, , AES_128_GCM Server 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `3bcf04ca301e44f13f404c8a04aa4ae707f67a950e12ef30c238f96e784266a1` Request headers Referer https://actioncthanh.cfd/ Origin https://actioncthanh.cfd User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Sun, 28 Jul 2024 06:25:26 GMT cf-cache-status MISS last-modified Wed, 24 Jul 2024 08:51:30 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"b5d8-190e3f03d25" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GM%2F%2Bq%2BnOxBe6mx5omJGqNbiUsE72EqZk91MD%2FkctMavtkrzb%2BpfOnWs5fZmIvT1Vu0Ju8T8xG36NttQ5xPzcLEt8h2HCxTZgX45LL%2BWwf4pOxe8oS%2FApKm7rfbyLtKN1G4Ze"}],"group":"cf-nel","max_age":604800} content-type font/woff2 cache-control public, max-age=31536000, immutable accept-ranges bytes cf-ray 8aa2cabb2a3c37f7-FRA alt-svc h3=":443"; ma=86400 content-length 46552
GET H2	200	img_meta.png firebasestorage.googleapis.com/v0/b/asm-sevice.appspot.com/o/	5 KB 6 KB	593ms 514ms	Image image/png	2a00:1450:4001:82a::200a GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://firebasestorage.googleapis.com/v0/b/asm-sevice.appspot.com/o/img_meta.png?alt=media&token=c3d7eeee-377a-4edd-8916-9f4996e615dc Requested by Host: actioncthanh.cfd URL: https://actioncthanh.cfd/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software UploadServer / Resource Hash `f85ae19942302afb33ddc15deb32e501c38ae71a83645fbdf96321b1443d4c55` Request headers Referer https://actioncthanh.cfd/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Sun, 28 Jul 2024 06:25:26 GMT x-guploader-uploadid AHxI1nM7kYCc0nxcFwNSibXelc-_NB4Yd57RFDsTZC3SKQ36FVn3iB10NMI7Xg1sI7FM6tnFsik x-goog-storage-class STANDARD x-goog-metageneration 1 x-goog-stored-content-encoding identity content-disposition inline; filename=utf-8''img_meta.png alt-svc* h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 5127 last-modified Sat, 04 May 2024 09:40:07 GMT server UploadServer etag "3b365a98760b211155db1b2013fc89e9" x-goog-generation 1714815607378915 content-type image/png x-goog-hash crc32c=1Cl5Lg==, md5=OzZamHYLIRFV2xsgE/yJ6Q== cache-control private, max-age=0 x-goog-stored-content-length 5127 x-goog-meta-firebasestoragedownloadtokens c3d7eeee-377a-4edd-8916-9f4996e615dc accept-ranges bytes expires Sun, 28 Jul 2024 06:25:26 GMT
GET H3	200	146597050_455534749152435_1802453867954835002_n.svg scontent.fhan4-3.fna.fbcdn.net/v/t39.8562-6/	586 B 640 B	553ms 270ms	Image image/svg+xml	113.171.66.18 VNPT-AS-VN VNPT Corp
General Check archive.org Show headers Download Go to Show image Full URL https://scontent.fhan4-3.fna.fbcdn.net/v/t39.8562-6/146597050_455534749152435_1802453867954835002_n.svg?_nc_cat=1&ccb=1-7&_nc_sid=f537c7&_nc_eui2=AeHRCRS5zUPFuDsLq76K7a65HUhtHHEGnXgdSG0ccQadeJgf-k2NsN5wOl-j3oA0k18QC9Y5sn9UIAx-aw1SqnuF&_nc_ohc=VzAJBzCSf84Q7kNvgE_5s7g&_nc_ht=scontent.fhan4-3.fna&oh=00_AYAL_x8N6Z3tImx7cHh1Htzm3C5XQ3bgFEZENOr1rEu5hg&oe=66A64898 Requested by Host: actioncthanh.cfd URL: https://actioncthanh.cfd/ Protocol H3 Security QUIC, , AES_128_GCM Server 113.171.66.18 Viet Tri, Viet Nam, ASN45899 (VNPT-AS-VN VNPT Corp, VN), Reverse DNS static.vnpt.vn Software / Resource Hash `aaede50f2432c07c5908316e0597f1a7139bab9888f3fc847424ba55d0b76965` Request headers Referer https://actioncthanh.cfd/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers x-fb-connection-quality MODERATE; q=0.3, rtt=268, rtx=0, c=24, mss=1232, tbw=7945, tp=11, tpl=0, uplat=1, ullat=-1 date Sun, 28 Jul 2024 06:25:26 GMT last-modified Wed, 03 Feb 2021 17:20:24 GMT content-type image/svg+xml access-control-allow-origin * x-fb-ptm-uuid 0F46C5EF273576E9F72890171E06F9B7 content-digest adler32=240165821 cache-control max-age=1209600, no-transform cross-origin-resource-policy cross-origin x-needle-checksum 240165821 accept-ranges bytes timing-allow-origin * alt-svc h3=":443"; ma=86400 content-length 586 priority u=3,i
GET H3	200	0fdd3f077818801d.css actioncthanh.cfd/_next/static/css/	223 KB 30 KB	310ms 309ms	Stylesheet text/css	188.114.96.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://actioncthanh.cfd/_next/static/css/0fdd3f077818801d.css Requested by Host: actioncthanh.cfd URL: https://actioncthanh.cfd/ Protocol H3 Security QUIC, , AES_128_GCM Server 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `f15572c5b064fc08cb3176beb14aeecefd52fdf207bbfe4fa784c07ed8e13d45` Request headers Referer https://actioncthanh.cfd/ Origin https://actioncthanh.cfd User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Sun, 28 Jul 2024 06:25:26 GMT content-encoding gzip cf-cache-status MISS last-modified Wed, 24 Jul 2024 08:51:30 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"37b45-190e3f03d29" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uG6o1gn0qDXxaqOEEpaKS%2FU5yRN0Fcen9eb6yGNbW3uZTm22c8YcZSouhsVvxmM9U370MQTDAUZ1ogzdjKYLAs0curor2p3XrzmHMdDCGbPzcVrPjmjrFq0e6bgVAopNfi3r"}],"group":"cf-nel","max_age":604800} content-type text/css; charset=UTF-8 cache-control public, max-age=31536000, immutable cf-ray 8aa2cabb2a3f37f7-FRA alt-svc h3=":443"; ma=86400
GET H3	200	2c050afe50c92cf1.css actioncthanh.cfd/_next/static/css/	13 KB 3 KB	213ms 212ms	Stylesheet text/css	188.114.96.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://actioncthanh.cfd/_next/static/css/2c050afe50c92cf1.css Requested by Host: actioncthanh.cfd URL: https://actioncthanh.cfd/ Protocol H3 Security QUIC, , AES_128_GCM Server 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `451344a2f47e3d2947dfcb22bd081028159b60b275db6f637feec96bc5528007` Request headers Referer https://actioncthanh.cfd/ Origin https://actioncthanh.cfd User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Sun, 28 Jul 2024 06:25:26 GMT content-encoding gzip cf-cache-status MISS last-modified Wed, 24 Jul 2024 08:51:30 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"35da-190e3f03d29" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=g98uScQNPSGwxaTBRl70MihLd9JBQAeoGwu4%2BA%2F0nyUbO08gRZvwCqg%2BX40KlHnzbYD%2BU8fyAieRoU7sbifn8HHgxTLRdn1y6Ut428BWmFrodTl51xNZqhnD9aa46t2L3tgJ"}],"group":"cf-nel","max_age":604800} content-type text/css; charset=UTF-8 cache-control public, max-age=31536000, immutable cf-ray 8aa2cabb2a4337f7-FRA alt-svc h3=":443"; ma=86400
GET H3	200	d3df112486f97f47.css actioncthanh.cfd/_next/static/css/	223 KB 30 KB	328ms 326ms	Stylesheet text/css	188.114.96.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://actioncthanh.cfd/_next/static/css/d3df112486f97f47.css Requested by Host: actioncthanh.cfd URL: https://actioncthanh.cfd/ Protocol H3 Security QUIC, , AES_128_GCM Server 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `bbe379b62770f4ea7a1efd904a23199a2d3a413f872e7a7c970b58656369cf4e` Request headers Referer https://actioncthanh.cfd/ Origin https://actioncthanh.cfd User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Sun, 28 Jul 2024 06:25:26 GMT content-encoding gzip cf-cache-status MISS last-modified Wed, 24 Jul 2024 08:51:30 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"37b40-190e3f03d29" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kHnxAx1jD1jYG91mKZQL77OknrqkJ%2FFi6Dwse7sBIxh5YM1qlT4uv7ZAhRP800Kg%2BmAoAnyRyYIKyASwbwIkXy%2B3DRDw9A2FcI5uZMClDEL3zezvIrKZAPi3sxmb6r9WF%2Fgz"}],"group":"cf-nel","max_age":604800} content-type text/css; charset=UTF-8 cache-control public, max-age=31536000, immutable cf-ray 8aa2cabb2a4c37f7-FRA alt-svc h3=":443"; ma=86400
GET H3	200	cb1d930da9b1fe93.css actioncthanh.cfd/_next/static/css/	5 KB 2 KB	220ms 218ms	Stylesheet text/css	188.114.96.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://actioncthanh.cfd/_next/static/css/cb1d930da9b1fe93.css Requested by Host: actioncthanh.cfd URL: https://actioncthanh.cfd/ Protocol H3 Security QUIC, , AES_128_GCM Server 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `8dac27f7555251ec980511f3ee3e9c7817571d278ba0242afb54f974358bb4db` Request headers Referer https://actioncthanh.cfd/ Origin https://actioncthanh.cfd User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Sun, 28 Jul 2024 06:25:26 GMT content-encoding gzip cf-cache-status MISS last-modified Wed, 24 Jul 2024 08:51:30 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"1423-190e3f03d29" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0JXZhOzoK45fGG7YuRHJ%2BSWWiMhAU%2Fwp%2FXmt92B8%2FIa%2FInp9icdA89L%2BjdmUosz70fdJ6dsDnRA5h1eblMzU7SgeZckzDR0IAgtM%2BGaN2HdPRybJLTsr0sCGJTjt%2BAieof8O"}],"group":"cf-nel","max_age":604800} content-type text/css; charset=UTF-8 cache-control public, max-age=31536000, immutable cf-ray 8aa2cabb2a4d37f7-FRA alt-svc h3=":443"; ma=86400
GET H3	200	webpack-7303aa4a63486b5b.js Show response actioncthanh.cfd/_next/static/chunks/	5 KB 2 KB	222ms 220ms	Script application/javascript	188.114.96.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://actioncthanh.cfd/_next/static/chunks/webpack-7303aa4a63486b5b.js Requested by Host: actioncthanh.cfd URL: https://actioncthanh.cfd/ Protocol H3 Security QUIC, , AES_128_GCM Server 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `532c4249d1a1b40e36af1af0987bbd80acf17cf50a6e0743ec6b44a6cd16d80a` Request headers Referer https://actioncthanh.cfd/ Origin https://actioncthanh.cfd User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Sun, 28 Jul 2024 06:25:26 GMT content-encoding gzip cf-cache-status MISS last-modified Wed, 24 Jul 2024 08:51:30 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"1309-190e3f03d25" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FMpe0w13qlmyUglfpf%2BphE%2Bo1qBj7O0Tp%2FNJP625gOhs%2B8kmLGvS65HLhmBqJsJY34L%2BfiYzo%2FhQ%2BCrW5n6cxlS68JFGXDlRKvwpDYoaGBoO19SBoHNbRWd%2FWIWNNX7lvpWi"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=UTF-8 cache-control public, max-age=31536000, immutable cf-ray 8aa2cabb5a7537f7-FRA alt-svc h3=":443"; ma=86400
GET H3	200	fd9d1056-3a67e14551a2207a.js Show response actioncthanh.cfd/_next/static/chunks/	160 KB 50 KB	316ms 314ms	Script application/javascript	188.114.96.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://actioncthanh.cfd/_next/static/chunks/fd9d1056-3a67e14551a2207a.js Requested by Host: actioncthanh.cfd URL: https://actioncthanh.cfd/ Protocol H3 Security QUIC, , AES_128_GCM Server 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `6053e2837bb3d5edc361852f09e9d4b510a92e785e159a4e02d699389e856d17` Request headers Referer https://actioncthanh.cfd/ Origin https://actioncthanh.cfd User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Sun, 28 Jul 2024 06:25:26 GMT content-encoding gzip cf-cache-status MISS last-modified Wed, 24 Jul 2024 08:51:30 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"28042-190e3f03d25" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=C3I1XZJw%2FaA8Twf1W1Gb73nYf4UBSyAdkEeAMze4kTkngmI1ckekkdECSPSYhbytzLB7z4kIu0KwphrJfPnUWWVL%2BPda2XXJOUbNGkJEMhTnVKbczHlmcXgkDN0%2Fyb06QTnI"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=UTF-8 cache-control public, max-age=31536000, immutable cf-ray 8aa2cabb5a7737f7-FRA alt-svc h3=":443"; ma=86400
GET H3	200	472-fe17376d219a679f.js Show response actioncthanh.cfd/_next/static/chunks/	108 KB 27 KB	325ms 323ms	Script application/javascript	188.114.96.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://actioncthanh.cfd/_next/static/chunks/472-fe17376d219a679f.js Requested by Host: actioncthanh.cfd URL: https://actioncthanh.cfd/ Protocol H3 Security QUIC, , AES_128_GCM Server 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `08508245f47146a774ceed5e2276e9934c40383cc819aef22803cef49fbd0077` Request headers Referer https://actioncthanh.cfd/ Origin https://actioncthanh.cfd User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Sun, 28 Jul 2024 06:25:26 GMT content-encoding gzip cf-cache-status MISS last-modified Wed, 24 Jul 2024 08:51:30 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"1afeb-190e3f03d29" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=E6IsDApsOZxR%2FvSgliR0EU%2BzZ4dXhZmwhfgYB4C2NvNhVWcSxCgSGTLCNQ5dJcXjr5nJWSAFIUudOjdyGeP%2B6yLHuCd%2BPuy%2Fn4RfCTFAi%2FMqeLXvYcuN%2F6ykgaHyg2HlQ5Jb"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=UTF-8 cache-control public, max-age=31536000, immutable cf-ray 8aa2cabb5a7937f7-FRA alt-svc h3=":443"; ma=86400
GET H3	200	main-app-9614633e07fe36c0.js Show response actioncthanh.cfd/_next/static/chunks/	508 B 696 B	222ms 220ms	Script application/javascript	188.114.96.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://actioncthanh.cfd/_next/static/chunks/main-app-9614633e07fe36c0.js Requested by Host: actioncthanh.cfd URL: https://actioncthanh.cfd/ Protocol H3 Security QUIC, , AES_128_GCM Server 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `ecfd7e91e1fe5ffad99c51cc92c839644046096b0bd208628442658a84069c71` Request headers Referer https://actioncthanh.cfd/ Origin https://actioncthanh.cfd User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Sun, 28 Jul 2024 06:25:26 GMT content-encoding br cf-cache-status MISS last-modified Wed, 24 Jul 2024 08:51:30 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"1fc-190e3f03d25" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2PfFJ%2B33w%2Fczeokvr7KSQeY6j10q6qqQFMiFl4HTpegwjiei1wihlkZPLCecTtKZ2OmDlKi1LqEjOSSiRU29JRNZoXJeajKjb7eBeD2n3nUxg5ngFqfHmvBLKzwu%2FF0VBMFN"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=UTF-8 cache-control public, max-age=31536000, immutable cf-ray 8aa2cabb5a7b37f7-FRA alt-svc h3=":443"; ma=86400
GET H3	200	layout-550796722067184e.js Show response actioncthanh.cfd/_next/static/chunks/app/	2 KB 2 KB	222ms 220ms	Script application/javascript	188.114.96.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://actioncthanh.cfd/_next/static/chunks/app/layout-550796722067184e.js Requested by Host: actioncthanh.cfd URL: https://actioncthanh.cfd/ Protocol H3 Security QUIC, , AES_128_GCM Server 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `76c43fcb7013fa20efb06a60eb4c8e78c2c345157444de9966b15af374a4f7e1` Request headers Referer https://actioncthanh.cfd/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Sun, 28 Jul 2024 06:25:26 GMT content-encoding gzip cf-cache-status MISS last-modified Wed, 24 Jul 2024 08:51:30 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"89a-190e3f03d25" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7%2BCGvBFjmt0VAlcX0z%2BSNLq4yY8Izi0eVTj8oYLD8fffMXJ%2F%2FUPogblWUGTLrNuvOB4qdBu4vj2osARJtWazpm9s4zOpzOLGc8wyAxYMw%2FrHWOe%2BoRmQQKsP1w0lsP9q3L8M"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=UTF-8 cache-control public, max-age=31536000, immutable cf-ray 8aa2cabb5a7d37f7-FRA alt-svc h3=":443"; ma=86400
GET H3	200	28-d011caca10f048c8.js Show response actioncthanh.cfd/_next/static/chunks/	131 KB 44 KB	297ms 295ms	Script application/javascript	188.114.96.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://actioncthanh.cfd/_next/static/chunks/28-d011caca10f048c8.js Requested by Host: actioncthanh.cfd URL: https://actioncthanh.cfd/ Protocol H3 Security QUIC, , AES_128_GCM Server 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `468033051a55069da80610a31b2baac2088234f8d487d1c005ba17d179cd2a84` Request headers Referer https://actioncthanh.cfd/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Sun, 28 Jul 2024 06:25:26 GMT content-encoding gzip cf-cache-status MISS last-modified Wed, 24 Jul 2024 08:51:30 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"20da8-190e3f03d29" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DA2t2OfNPJDpjHUdx6oKNwBKgaS8NROHWJ%2FfG3mWwkOfD6ZjRdnuZss5VJSQrVkbkogRrlmysoIHIYdLbRTwLhzB58gI4mhdStX9YeYpFEDI2H8WAPafl1qP2%2FDeZpnR0mgB"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=UTF-8 cache-control public, max-age=31536000, immutable cf-ray 8aa2cabb5a7f37f7-FRA alt-svc h3=":443"; ma=86400
GET H3	200	365-74c6667181c16b61.js Show response actioncthanh.cfd/_next/static/chunks/	27 KB 9 KB	237ms 236ms	Script application/javascript	188.114.96.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://actioncthanh.cfd/_next/static/chunks/365-74c6667181c16b61.js Requested by Host: actioncthanh.cfd URL: https://actioncthanh.cfd/ Protocol H3 Security QUIC, , AES_128_GCM Server 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `4d0ed6031c73277194a5dacd47b657bfd02f5f8b1756fe08d434200f41f1157c` Request headers Referer https://actioncthanh.cfd/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Sun, 28 Jul 2024 06:25:26 GMT content-encoding gzip cf-cache-status MISS last-modified Wed, 24 Jul 2024 08:51:30 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"6dec-190e3f03d29" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ULeSIDO%2BkOmqer5DW4nAnrjkgI7eBqdPy4Vq1cVwxg0cA1ZCHhFe0bFdWeR%2B0GS7Ib3vT1ulstSqCiMxYZcqkHrixTcvEO8Wji5Cr68mg4QP0Tmrg%2FtaT8owe0lH5WHyrpje"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=UTF-8 cache-control public, max-age=31536000, immutable cf-ray 8aa2cabb5a8137f7-FRA alt-svc h3=":443"; ma=86400
GET H3	200	page-a541a0199d0bdbd8.js Show response actioncthanh.cfd/_next/static/chunks/app/	19 KB 6 KB	220ms 219ms	Script application/javascript	188.114.96.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://actioncthanh.cfd/_next/static/chunks/app/page-a541a0199d0bdbd8.js Requested by Host: actioncthanh.cfd URL: https://actioncthanh.cfd/ Protocol H3 Security QUIC, , AES_128_GCM Server 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `62dfea1ce72cd1426f1f365b4ff9c145a00737408afcf1bd1898bab82d6ca78e` Request headers Referer https://actioncthanh.cfd/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Sun, 28 Jul 2024 06:25:26 GMT content-encoding gzip cf-cache-status MISS last-modified Wed, 24 Jul 2024 08:51:30 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"4aa0-190e3f03d25" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8DNF4u3WpWKRjpTmcZpgdfaTsLI6fmviUmSkY%2FGG8EO4b20fzap8u%2BM5GDrTNVk6pq9vCJ5oZyhZIAGSzhVdm%2Fg2euFJhC64nRl6CL9bV%2B3yd09IZW%2BOs%2BToebRBT%2BTesqOY"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=UTF-8 cache-control public, max-age=31536000, immutable cf-ray 8aa2cabb5a8337f7-FRA alt-svc h3=":443"; ma=86400
GET		favicon.ico actioncthanh.cfd/	0 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: actioncthanh.cfd
URL: https://actioncthanh.cfd/favicon.ico

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Facebook (Social Network)

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| webpackChunk_N_E object| __next_f object| next

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
rendering	warning	URL: https://actioncthanh.cfd/ Message: The key "!important" is not recognized and ignored.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

actioncthanh.cfd
firebasestorage.googleapis.com
scontent.fhan4-3.fna.fbcdn.net
actioncthanh.cfd
113.171.66.18
188.114.96.3
2a00:1450:4001:82a::200a
08508245f47146a774ceed5e2276e9934c40383cc819aef22803cef49fbd0077
3bcf04ca301e44f13f404c8a04aa4ae707f67a950e12ef30c238f96e784266a1
451344a2f47e3d2947dfcb22bd081028159b60b275db6f637feec96bc5528007
468033051a55069da80610a31b2baac2088234f8d487d1c005ba17d179cd2a84
4d0ed6031c73277194a5dacd47b657bfd02f5f8b1756fe08d434200f41f1157c
532c4249d1a1b40e36af1af0987bbd80acf17cf50a6e0743ec6b44a6cd16d80a
6053e2837bb3d5edc361852f09e9d4b510a92e785e159a4e02d699389e856d17
62dfea1ce72cd1426f1f365b4ff9c145a00737408afcf1bd1898bab82d6ca78e
76c43fcb7013fa20efb06a60eb4c8e78c2c345157444de9966b15af374a4f7e1
845a30df6290baa441e6f804f32ed0007e9c4534a3204d9175914b329a63e33b
8dac27f7555251ec980511f3ee3e9c7817571d278ba0242afb54f974358bb4db
aaede50f2432c07c5908316e0597f1a7139bab9888f3fc847424ba55d0b76965
bbe379b62770f4ea7a1efd904a23199a2d3a413f872e7a7c970b58656369cf4e
ecfd7e91e1fe5ffad99c51cc92c839644046096b0bd208628442658a84069c71
f15572c5b064fc08cb3176beb14aeecefd52fdf207bbfe4fa784c07ed8e13d45
f85ae19942302afb33ddc15deb32e501c38ae71a83645fbdf96321b1443d4c55

actioncthanh.cfd Open in urlscan Pro 188.114.96.3 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page Statistics

17 Requests

94 %HTTPS

33 %IPv6

3 Domains

3 Subdomains

4 IPs

3 Countries

266 kBTransfer

985 kBSize

0 Cookies

4 Outgoing links

Redirected requests

17 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

3 JavaScript Global Variables

0 Cookies

1 Console Messages

Indicators

actioncthanh.cfd Open in urlscan Pro
188.114.96.3 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

17
Requests

94 %
HTTPS

33 %
IPv6

3
Domains

3
Subdomains

4
IPs

3
Countries

266 kB
Transfer

985 kB
Size

0
Cookies

17 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!