urlscan.io logo urlscan.io
SecurityTrails logo

dongtam.com.vn Open in urlscan Pro
118.69.198.223  Malicious Activity! Public Scan

Go To Rescan Add Verdict Report
URL: https://dongtam.com.vn/5/app/app/index.php
Submission: On July 03 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 1 IPs in 1 countries across 1 domains to perform 4 HTTP transactions. The main IP is 118.69.198.223, located in Ho Chi Minh City, Viet Nam and belongs to FPT-AS-AP FPT Telecom Company, VN. The main domain is dongtam.com.vn.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on October 27th 2023. Valid for: a year.
This is the only time dongtam.com.vn was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: TD Bank (Banking)

Domain & IP information

IP Address AS Autonomous System
4 118.69.198.223 18403 (FPT-AS-AP...)
4 1
Apex Domain
Subdomains		 Transfer
4 dongtam.com.vn
dongtam.com.vn
13 KB
4 1
Domain Requested by
4 dongtam.com.vn dongtam.com.vn
4 1

This site contains no links.

Subject Issuer Validity Valid
*.dongtam.com.vn
Sectigo RSA Domain Validation Secure Server CA		 2023-10-27 -
2024-11-26		 a year crt.sh

This page contains 1 frames:

Primary Page: https://dongtam.com.vn/5/app/app/index.php
Frame ID: 7769AA4D09FF703BC48DC52FC33F67FB
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Security Challenge

Detected technologies

Overall confidence: 100%
Detected patterns
  • \.php(?:$|\?)

Page Statistics

4
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

13 kB
Transfer

14 kB
Size

1
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

4 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request index.php
dongtam.com.vn/5/app/app/ 		3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://dongtam.com.vn/5/app/app/index.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
118.69.198.223 Ho Chi Minh City, Viet Nam, ASN18403 (FPT-AS-AP FPT Telecom Company, VN),
Reverse DNS
Software
tino-panel / PHP/7.4.7
Resource Hash
ea37836e9bf05b728dd9a7a7a688b55b7fdfb1326fa3808c6cce0d6042ff2431
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

Connection
keep-alive
Content-Encoding
br
Content-Type
text/html; charset=UTF-8
Date
Wed, 03 Jul 2024 02:26:48 GMT
Server
tino-panel
Strict-Transport-Security
max-age=63072000; includeSubdomains; preload
Transfer-Encoding
chunked
Vary
Accept-Encoding
X-Content-Type-Options
nosniff
X-Powered-By
PHP/7.4.7
captcha-logo.png
dongtam.com.vn/5/app/asset/img/ 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dongtam.com.vn/5/app/asset/img/captcha-logo.png
Requested by
Host: dongtam.com.vn
URL: https://dongtam.com.vn/5/app/app/index.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
118.69.198.223 Ho Chi Minh City, Viet Nam, ASN18403 (FPT-AS-AP FPT Telecom Company, VN),
Reverse DNS
Software
tino-panel /
Resource Hash
bdb9c915dfc98f9f32f24885bf0cf8197e8b91e088c72f18b8a6567e077ee31d
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://dongtam.com.vn/5/app/app/index.php
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 03 Jul 2024 02:26:48 GMT
Strict-Transport-Security
max-age=63072000; includeSubdomains; preload
X-Content-Type-Options
nosniff
Last-Modified
Sun, 14 Apr 2024 17:51:00 GMT
Server
tino-panel
ETag
"661c1784-2521"
Vary
Accept-Encoding
Content-Type
image/png
Cache-Control
max-age=1209600
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
9505
Expires
Wed, 17 Jul 2024 02:26:48 GMT
core.php
dongtam.com.vn/5/app/app/ 		960 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dongtam.com.vn/5/app/app/core.php
Requested by
Host: dongtam.com.vn
URL: https://dongtam.com.vn/5/app/app/index.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
118.69.198.223 Ho Chi Minh City, Viet Nam, ASN18403 (FPT-AS-AP FPT Telecom Company, VN),
Reverse DNS
Software
tino-panel / PHP/7.4.7
Resource Hash
4a7b0b4794b8c91ed9adb8d5769379a4c6571500003ec27801530bf1ef9e54a2
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://dongtam.com.vn/5/app/app/index.php
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Pragma
no-cache
Date
Wed, 03 Jul 2024 02:26:48 GMT
Strict-Transport-Security
max-age=63072000; includeSubdomains; preload
X-Content-Type-Options
nosniff
Server
tino-panel
X-Powered-By
PHP/7.4.7
Transfer-Encoding
chunked
Content-Type
image/png
Cache-Control
no-store, no-cache, must-revalidate
Connection
keep-alive
Expires
Thu, 19 Nov 1981 08:52:00 GMT
favicon.ico
dongtam.com.vn/5/app/asset/img/ 		318 B
758 B 		Other
General
Check archive.org
Download Go to
Full URL
https://dongtam.com.vn/5/app/asset/img/favicon.ico
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
118.69.198.223 Ho Chi Minh City, Viet Nam, ASN18403 (FPT-AS-AP FPT Telecom Company, VN),
Reverse DNS
Software
tino-panel /
Resource Hash
269f0dcff109d738cffd32a6fee9c41141cbc294cc4dca4656e112e8e7479184
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://dongtam.com.vn/5/app/app/index.php
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 03 Jul 2024 02:26:49 GMT
Strict-Transport-Security
max-age=63072000; includeSubdomains; preload
X-Content-Type-Options
nosniff
Last-Modified
Sun, 14 Apr 2024 17:51:00 GMT
Server
tino-panel
ETag
"661c1784-13e"
Vary
Accept-Encoding
Content-Type
image/x-icon
Cache-Control
max-age=1209600
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
318
Expires
Wed, 17 Jul 2024 02:26:49 GMT

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: TD Bank (Banking)

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

undefined| event object| fence object| sharedStorage

1 Cookies

Domain/Path Name / Value
dongtam.com.vn/ Name: PHPSESSID
Value: 7ov525ecu3btn200s5pc4qtfp3

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff