neisd.logics.cgffood.vn
115.146.120.179
Malicious Activity!
Public Scan
Submission: On October 27 via api from CA
Summary
This is the only time neisd.logics.cgffood.vn was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Generic Email (Online)
Domain & IP information
Requests | IP Address | AS Autonomous System |
---|---|---|
3 | 115.146.120.179 | 38732 (CMCTELECOM-AS-VN CMC Telecom Infrastructure Company) |
1 | 2a00:1450:4001:816::200e | 15169 (GOOGLE - Google Inc.) |
1 | 64.130.23.5 | 7859 (PAIR-NETWORKS - pair Networks) |
1 | 216.137.61.234 | 16509 (AMAZON-02 - Amazon.com) |
6 | 4 | |
ASN38732 (CMCTELECOM-AS-VN CMC Telecom Infrastructure Company, VN)
PTR: haminhgia.com.vn
neisd.logics.cgffood.vn |
ASN7859 (PAIR-NETWORKS - pair Networks, US)
PTR: bountifulbreast.co.uk
www.bountifulbreast.co.uk |
ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-216-137-61-234.fra2.r.cloudfront.net
d2r5da613aq50s.cloudfront.net |
Requests | Apex Domain Subdomains | Transfer |
---|---|---|
3 | cgffood.vn neisd.logics.cgffood.vn | 15 KB |
1 | cloudfront.net d2r5da613aq50s.cloudfront.net | 37 KB |
1 | bountifulbreast.co.uk www.bountifulbreast.co.uk | 5 KB |
1 | gstatic.com encrypted-tbn1.gstatic.com | 3 KB |
6 | 4 | |
Requests | Domain | Requested by |
---|---|---|
3 | neisd.logics.cgffood.vn | neisd.logics.cgffood.vn |
1 | d2r5da613aq50s.cloudfront.net | neisd.logics.cgffood.vn |
1 | www.bountifulbreast.co.uk | neisd.logics.cgffood.vn |
1 | encrypted-tbn1.gstatic.com | neisd.logics.cgffood.vn |
6 | 4 | |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
*.google.com Google Internet Authority G2 | 2017-10-17 - 2017-12-29 | 2 months | crt.sh |
This page contains 1 frames:
Primary Page:
http://neisd.logics.cgffood.vn/Document.html
Frame ID: 3922.1
Requests: 6 HTTP requests in this frame
Detected technologies
OpenSSL (Web Server Extensions)
Detected patterns
- headers server /OpenSSL(?:\/([\d.]+[a-z]?))?/i
Apache (Web Servers)
Detected patterns
- headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|)HTTPD)/i
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
6 HTTP transactions
Method Protocol | Resource Path | Size x-fer | Type MIME-Type |
---|---|---|---|
GET H/1.1 | Document.html (Primary Request) neisd.logics.cgffood.vn/ | 15 KB 15 KB | Document text/html |
GET H2 | images encrypted-tbn1.gstatic.com/ | 3 KB 3 KB | Image image/jpeg |
GET H/1.1 | 100Secure.jpg www.bountifulbreast.co.uk/images/ | 5 KB 5 KB | Image image/jpeg |
GET H/1.1 | 316893.image0.jpg d2r5da613aq50s.cloudfront.net/wp-content/uploads/ | 37 KB 37 KB | Image image/jpeg |
GET H/1.1 | et-line.woff neisd.logics.cgffood.vn/fonts/ | 0 0 | Font text/html |
GET H/1.1 | et-line.ttf neisd.logics.cgffood.vn/fonts/ | 0 0 | Font text/html |
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Generic Email (Online)
0 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.