urlscan.io logo urlscan.io
SecurityTrails logo

www.fujinamivietnam.com Open in urlscan Pro
103.104.123.42  Malicious Activity! Public Scan

Go To Rescan Add Verdict Report
URL: https://www.fujinamivietnam.com/ms-onedrive/office-22/
Submission: On March 19 via automatic, source phishtank — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 5 IPs in 3 countries across 5 domains to perform 8 HTTP transactions. The main IP is 103.104.123.42, located in Viet Nam and belongs to VNDATA-AS-VN Viet Storage Technology Joint Stock Company, VN. The main domain is www.fujinamivietnam.com.
TLS certificate: Issued by R3 on January 28th 2023. Valid for: 3 months.
This is the only time www.fujinamivietnam.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Microsoft (Consumer)

Domain & IP information

IP Address AS Autonomous System
1 103.104.123.42 135932 (VNDATA-AS...)
1 192.229.221.185 15133 (EDGECAST)
4 172.96.161.50 23470 (RELIABLESITE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
8 5
1    103.104.123.42 (Viet Nam)

ASN135932 (VNDATA-AS-VN Viet Storage Technology Joint Stock Company, VN)
PTR: static-ptr.vndata.vn
www.fujinamivietnam.com
1    192.229.221.185 (United States)

ASN15133 (EDGECAST, US)
logincdn.msauth.net
4    172.96.161.50 (Los Angeles, United States)

ASN23470 (RELIABLESITE, US)
i.ibb.co
1    2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
1    2606:4700::6812:bcf (United States)

ASN13335 (CLOUDFLARENET, US)
stackpath.bootstrapcdn.com
Apex Domain
Subdomains		 Transfer
4 ibb.co
i.ibb.co — Cisco Umbrella Rank: 12774
27 KB
1 bootstrapcdn.com
stackpath.bootstrapcdn.com — Cisco Umbrella Rank: 2326
15 KB
1 googleapis.com
ajax.googleapis.com — Cisco Umbrella Rank: 305
30 KB
1 msauth.net
logincdn.msauth.net — Cisco Umbrella Rank: 3683
1 KB
1 fujinamivietnam.com
www.fujinamivietnam.com
8 KB
8 5
Domain Requested by
4 i.ibb.co www.fujinamivietnam.com
1 stackpath.bootstrapcdn.com www.fujinamivietnam.com
1 ajax.googleapis.com www.fujinamivietnam.com
1 logincdn.msauth.net www.fujinamivietnam.com
1 www.fujinamivietnam.com
8 5

This site contains links to these domains. Also see Links.

Domain
passwordreset.microsoftonline.com
Subject Issuer Validity Valid
fujinamivietnam.com
R3		 2023-01-28 -
2023-04-28		 3 months crt.sh
identitycdn.msauth.net
Microsoft Azure TLS Issuing CA 06		 2022-08-23 -
2023-08-18		 a year crt.sh
ibb.co
R3		 2023-02-06 -
2023-05-07		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-03-02 -
2023-05-25		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-12-30 -
2023-12-30		 a year crt.sh

This page contains 1 frames:

Primary Page: https://www.fujinamivietnam.com/ms-onedrive/office-22/
Frame ID: 794C30D949E1266584DCEC2883B5300E
Requests: 8 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Sign in to your account

Detected technologies

Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

8
Requests

100 %
HTTPS

40 %
IPv6

5
Domains

5
Subdomains

5
IPs

3
Countries

80 kB
Transfer

168 kB
Size

0
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

8 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.fujinamivietnam.com/ms-onedrive/office-22/ 		7 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.fujinamivietnam.com/ms-onedrive/office-22/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.104.123.42 , Viet Nam, ASN135932 (VNDATA-AS-VN Viet Storage Technology Joint Stock Company, VN),
Reverse DNS
static-ptr.vndata.vn
Software
Apache / PHP/8.1.16 PleskLin
Resource Hash
fd8c76c6155a9f701740777d1056e3b930218901a74b9f2097fe02f44b6d9520

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
Keep-Alive
Content-Type
text/html; charset=UTF-8
Date
Sun, 19 Mar 2023 07:18:56 GMT
Keep-Alive
timeout=5, max=100
Server
Apache
Transfer-Encoding
chunked
X-Powered-By
PHP/8.1.16 PleskLin
2_bc3d32a696895f78c19df6c717586a5d.svg
logincdn.msauth.net/shared/1.0/content/images/backgrounds/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://logincdn.msauth.net/shared/1.0/content/images/backgrounds/2_bc3d32a696895f78c19df6c717586a5d.svg
Requested by
Host: www.fujinamivietnam.com
URL: https://www.fujinamivietnam.com/ms-onedrive/office-22/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.221.185 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/4D03) /
Resource Hash
0e88b6fcbb8591edfd28184fa70a04b6dd3af8a14367c628edd7caba32e58c68

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.fujinamivietnam.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sun, 19 Mar 2023 07:18:56 GMT
content-encoding
gzip
content-md5
DhdidjYrlCeaRJJRG/y9mA==
age
1089296
x-cache
HIT
content-length
673
x-ms-lease-status
unlocked
last-modified
Wed, 12 Feb 2020 22:01:42 GMT
server
ECAcc (frc/4D03)
etag
0x8D7B00724D9E930
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
bb932f60-701e-0075-264a-50f6ff000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
accept-ranges
bytes
officebg2.png
i.ibb.co/r5zjhmN/ 		13 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.ibb.co/r5zjhmN/officebg2.png
Requested by
Host: www.fujinamivietnam.com
URL: https://www.fujinamivietnam.com/ms-onedrive/office-22/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.96.161.50 Los Angeles, United States, ASN23470 (RELIABLESITE, US),
Reverse DNS
Software
nginx /
Resource Hash
0d21ef85e203f7c1ff1452a163fc1ca894b7f0a0169d6244264fc28254f7a00f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.fujinamivietnam.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sun, 19 Mar 2023 07:18:56 GMT
last-modified
Tue, 07 Jul 2020 01:34:27 GMT
server
nginx
access-control-allow-methods
GET, OPTIONS
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
13698
expires
Thu, 31 Dec 2037 23:55:55 GMT
miciconlogo.png
i.ibb.co/9qFGmjh/ 		256 B
498 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.ibb.co/9qFGmjh/miciconlogo.png
Requested by
Host: www.fujinamivietnam.com
URL: https://www.fujinamivietnam.com/ms-onedrive/office-22/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.96.161.50 Los Angeles, United States, ASN23470 (RELIABLESITE, US),
Reverse DNS
Software
nginx /
Resource Hash
98e79211acf423ebc37dd95cf9500e917e1ce5d3026e8a67787758f667e7cbcd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.fujinamivietnam.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sun, 19 Mar 2023 07:18:56 GMT
last-modified
Tue, 07 Jul 2020 01:34:26 GMT
server
nginx
access-control-allow-methods
GET, OPTIONS
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
256
expires
Thu, 31 Dec 2037 23:55:55 GMT
forgotpass.png
i.ibb.co/F3yr74z/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.ibb.co/F3yr74z/forgotpass.png
Requested by
Host: www.fujinamivietnam.com
URL: https://www.fujinamivietnam.com/ms-onedrive/office-22/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.96.161.50 Los Angeles, United States, ASN23470 (RELIABLESITE, US),
Reverse DNS
Software
nginx /
Resource Hash
bb0d5d1f551350462a10278b50c558a6cd071c49c707d78ac89d29405e322eb6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.fujinamivietnam.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sun, 19 Mar 2023 07:18:56 GMT
last-modified
Tue, 07 Jul 2020 01:34:26 GMT
server
nginx
access-control-allow-methods
GET, OPTIONS
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
4877
expires
Thu, 31 Dec 2037 23:55:55 GMT
ep.png
i.ibb.co/7CKgHCt/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.ibb.co/7CKgHCt/ep.png
Requested by
Host: www.fujinamivietnam.com
URL: https://www.fujinamivietnam.com/ms-onedrive/office-22/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.96.161.50 Los Angeles, United States, ASN23470 (RELIABLESITE, US),
Reverse DNS
Software
nginx /
Resource Hash
9891ad046883443ff8059b76da375985939924f098f3d9429eaf2ca8cb19dca5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.fujinamivietnam.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sun, 19 Mar 2023 07:18:56 GMT
last-modified
Tue, 07 Jul 2020 01:34:26 GMT
server
nginx
access-control-allow-methods
GET, OPTIONS
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
7525
expires
Thu, 31 Dec 2037 23:55:55 GMT
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/2.2.4/ 		84 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/2.2.4/jquery.min.js
Requested by
Host: www.fujinamivietnam.com
URL: https://www.fujinamivietnam.com/ms-onedrive/office-22/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.fujinamivietnam.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sat, 18 Mar 2023 00:43:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
110097
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30028
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 17 Mar 2024 00:43:59 GMT
bootstrap.min.js
stackpath.bootstrapcdn.com/bootstrap/4.1.3/js/ 		50 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://stackpath.bootstrapcdn.com/bootstrap/4.1.3/js/bootstrap.min.js
Requested by
Host: www.fujinamivietnam.com
URL: https://www.fujinamivietnam.com/ms-onedrive/office-22/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
56c12a125b021d21a69e61d7190cefa168d6c28ce715265cea1b3b0112d169c4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.fujinamivietnam.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sun, 19 Mar 2023 07:18:56 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
cdn-edgestorageid
723
age
1079170
cdn-cachedat
11/15/2021 23:30:00
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Mon, 25 Jan 2021 22:04:06 GMT
cdn-proxyver
1.0
cdn-requestpullcode
200
server
cloudflare
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cache-control
public, max-age=31919000
cdn-requestid
a35b0179a28ed953258d0fb41376a09c
timing-allow-origin
*
cdn-requestcountrycode
DE
cdn-status
200
cf-ray
7aa3f1bb98a52c00-FRA
cdn-requestpullsuccess
True

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Microsoft (Consumer)

4 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless function| $ function| jQuery object| bootstrap

0 Cookies