URL: https://bvag.com.vn/online/login
Submission: On March 29 via manual from PH — Scanned from DE

Summary

This website contacted 6 IPs in 3 countries across 6 domains to perform 18 HTTP transactions. The main IP is 103.139.102.102, located in Viet Nam and belongs to FPT-AS-AP FPT Telecom Company, VN. The main domain is bvag.com.vn.
TLS certificate: Issued by R3 on March 3rd 2022. Valid for: 3 months.
This is the only time bvag.com.vn was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Union Bank of the Philippines (Banking)

Domain & IP information

Requests | IP Address | AS | Autonomous System
12 | 103.139.102.102 | 18403 | (FPT-AS-AP...)
1 | 2620:0:862:ed... | 14907 | (WIKIMEDIA)
1 | 95.101.88.73 | 20940 | (AKAMAI-ASN1)
1 | 2a00:1450:400... | 15169 | (GOOGLE)
1 | 2606:4700::68... | 13335 | (CLOUDFLAR...)
2 | 2a00:1450:400... | 15169 | (GOOGLE)
Total: 18 requests, 6 IPs
Requests | Apex Domain | Subdomains | Transfer
12 | bvag.com.vn | bvag.com.vn | 464 KB
2 | gstatic.com | fonts.gstatic.com | 32 KB
1 | bootstrapcdn.com | maxcdn.bootstrapcdn.com (Cisco Umbrella Rank: 1059) | 7 KB
1 | googleapis.com | fonts.googleapis.com (Cisco Umbrella Rank: 107) | 1 KB
1 | unionbankph.com | online.unionbankph.com (Cisco Umbrella Rank: 416896) |
1 | wikimedia.org | upload.wikimedia.org (Cisco Umbrella Rank: 2782) | 35 KB
Total: 18 requests, 6 domains
Requests | Domain | Requested by
12 | bvag.com.vn | bvag.com.vn
2 | fonts.gstatic.com | fonts.googleapis.com
1 | maxcdn.bootstrapcdn.com | bvag.com.vn
1 | fonts.googleapis.com | bvag.com.vn
1 | online.unionbankph.com | bvag.com.vn
1 | upload.wikimedia.org | bvag.com.vn
Total: 18 requests, 6 domains

This site contains no links.

Subject | Issuer | Validity | Valid
bvag.com.vn | R3 | 2022-03-03 - 2022-06-01 | 3 months
*.wikipedia.org | DigiCert TLS Hybrid ECC SHA384 2020 CA1 | 2021-10-19 - 2022-11-17 | a year
online.unionbankph.com | GlobalSign Extended Validation CA - SHA256 - G3 | 2021-12-09 - 2023-01-10 | a year
upload.video.google.com | GTS CA 1C3 | 2022-03-17 - 2022-06-09 | 3 months
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2022-01-29 - 2023-01-29 | a year
*.gstatic.com | GTS CA 1C3 | 2022-03-17 - 2022-06-09 | 3 months

This page contains 1 frame:

Primary Page: https://bvag.com.vn/online/login
Frame ID: D28FF9F6714F90341BEE2F57DF89ACAF
Requests: 18 HTTP requests in this frame

Page Title

Union Bank of the Philippines

Detected technologies

Overall confidence: 100%
Detected patterns
  • <[^>]*class="ant-(?:btn|col|row|layout|breadcrumb|menu|pagination|steps|select|cascader|checkbox|calendar|form|input-number|input|mention|rate|radio|slider|switch|tree-select|time-picker|transfer|upload|avatar|badge|card|carousel|collapse|list|popover|tooltip|table|tabs|tag|timeline|tree|alert|modal|message|notification|progress|popconfirm|spin|anchor|back-top|divider|drawer)

Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Page Statistics

Requests: 18
HTTPS: 100 %
IPv6: 67 %
Domains: 6
Subdomains: 6
IPs: 6
Countries: 3
Transfer: 539 kB
Size: 1453 kB
Cookies: 1

18 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request login
bvag.com.vn/online/
39 KB
9 KB
Document
General
Full URL
https://bvag.com.vn/online/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
103.139.102.102 , Viet Nam, ASN18403 (FPT-AS-AP FPT Telecom Company, VN),
Reverse DNS
cp102.onedata.vn
Software
LiteSpeed / PHP/7.4.28
Resource Hash
4ff1226a535245170fe3c9693a510cef64b790e419fe9e8d7b7e4d72fae5ba4b

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

x-powered-by
PHP/7.4.28
expires
Thu, 19 Nov 1981 08:52:00 GMT
cache-control
no-store, no-cache, must-revalidate
pragma
no-cache
content-type
text/html; charset=UTF-8
content-encoding
br
vary
Accept-Encoding
date
Tue, 29 Mar 2022 09:32:21 GMT
server
LiteSpeed
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
1.5b3cd0a02202c16cafe1.css
bvag.com.vn/online/online/
3 KB
819 B
Stylesheet
General
Full URL
https://bvag.com.vn/online/online/1.5b3cd0a02202c16cafe1.css
Requested by
Host: bvag.com.vn
URL: https://bvag.com.vn/online/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
103.139.102.102 , Viet Nam, ASN18403 (FPT-AS-AP FPT Telecom Company, VN),
Reverse DNS
cp102.onedata.vn
Software
LiteSpeed /
Resource Hash
6d634b49605835b4b32433caa4a1d4e6c8e6e98eaa4f987a372c3aac82a8876b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bvag.com.vn/online/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 09:32:21 GMT
content-encoding
br
last-modified
Thu, 06 May 2021 09:06:16 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
712
expires
Tue, 05 Apr 2022 09:32:21 GMT
bundle.5b3cd0a02202c16cafe1.css
bvag.com.vn/online/online/
925 KB
106 KB
Stylesheet
General
Full URL
https://bvag.com.vn/online/online/bundle.5b3cd0a02202c16cafe1.css
Requested by
Host: bvag.com.vn
URL: https://bvag.com.vn/online/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
103.139.102.102 , Viet Nam, ASN18403 (FPT-AS-AP FPT Telecom Company, VN),
Reverse DNS
cp102.onedata.vn
Software
LiteSpeed /
Resource Hash
a76370f59e96324b6224d322dabad8c75f83dc919ccbea3761965074319ee6d4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bvag.com.vn/online/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 09:32:21 GMT
content-encoding
br
last-modified
Thu, 06 May 2021 09:06:24 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
108691
expires
Tue, 05 Apr 2022 09:32:21 GMT
base.5b3cd0a02202c16cafe1.js
bvag.com.vn/online/online/
10 KB
4 KB
Script
General
Full URL
https://bvag.com.vn/online/online/base.5b3cd0a02202c16cafe1.js
Requested by
Host: bvag.com.vn
URL: https://bvag.com.vn/online/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
103.139.102.102 , Viet Nam, ASN18403 (FPT-AS-AP FPT Telecom Company, VN),
Reverse DNS
cp102.onedata.vn
Software
LiteSpeed /
Resource Hash
e8870e9596ff0d9ba9f0639bef5de4d76765c06a38598a7d49e19e23fa49a06a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bvag.com.vn/online/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 09:32:21 GMT
content-encoding
br
last-modified
Thu, 06 May 2021 09:06:36 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
3660
expires
Tue, 05 Apr 2022 09:32:21 GMT
4.5b3cd0a02202c16cafe1.js
bvag.com.vn/online/online/
10 KB
4 KB
Script
General
Full URL
https://bvag.com.vn/online/online/4.5b3cd0a02202c16cafe1.js
Requested by
Host: bvag.com.vn
URL: https://bvag.com.vn/online/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
103.139.102.102 , Viet Nam, ASN18403 (FPT-AS-AP FPT Telecom Company, VN),
Reverse DNS
cp102.onedata.vn
Software
LiteSpeed /
Resource Hash
c11f2bd4ffa0858a828903f5639e13f7dd770810fb599a0bd70a701663e15147

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bvag.com.vn/online/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 09:32:21 GMT
content-encoding
br
last-modified
Thu, 06 May 2021 09:06:40 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
3882
expires
Tue, 05 Apr 2022 09:32:21 GMT
12.5b3cd0a02202c16cafe1.css
bvag.com.vn/online/online/
294 B
183 B
Stylesheet
General
Full URL
https://bvag.com.vn/online/online/12.5b3cd0a02202c16cafe1.css
Requested by
Host: bvag.com.vn
URL: https://bvag.com.vn/online/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
103.139.102.102 , Viet Nam, ASN18403 (FPT-AS-AP FPT Telecom Company, VN),
Reverse DNS
cp102.onedata.vn
Software
LiteSpeed /
Resource Hash
bb8208db9912d23f5e589296fe2453de1f2d2ddd54924a3bf4924a774dc40399

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bvag.com.vn/online/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 09:32:21 GMT
content-encoding
br
last-modified
Thu, 06 May 2021 09:06:16 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
151
expires
Tue, 05 Apr 2022 09:32:21 GMT
12.5b3cd0a02202c16cafe1.js
bvag.com.vn/online/online/
10 KB
3 KB
Script
General
Full URL
https://bvag.com.vn/online/online/12.5b3cd0a02202c16cafe1.js
Requested by
Host: bvag.com.vn
URL: https://bvag.com.vn/online/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
103.139.102.102 , Viet Nam, ASN18403 (FPT-AS-AP FPT Telecom Company, VN),
Reverse DNS
cp102.onedata.vn
Software
LiteSpeed /
Resource Hash
654a8124fb8ced71ea10099d00a410c67e469fe3ccf4ada825f3fce38e5d02ff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bvag.com.vn/online/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 09:32:21 GMT
content-encoding
br
last-modified
Thu, 06 May 2021 09:06:44 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
3432
expires
Tue, 05 Apr 2022 09:32:21 GMT
6.5b3cd0a02202c16cafe1.css
bvag.com.vn/online/online/
4 KB
635 B
Stylesheet
General
Full URL
https://bvag.com.vn/online/online/6.5b3cd0a02202c16cafe1.css
Requested by
Host: bvag.com.vn
URL: https://bvag.com.vn/online/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
103.139.102.102 , Viet Nam, ASN18403 (FPT-AS-AP FPT Telecom Company, VN),
Reverse DNS
cp102.onedata.vn
Software
LiteSpeed /
Resource Hash
f4c84785b26e4afa7e344b59d3f3c7610a594545183ea92f7d87fc943dfd6b94

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bvag.com.vn/online/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 09:32:21 GMT
content-encoding
br
last-modified
Thu, 06 May 2021 09:06:20 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
579
expires
Tue, 05 Apr 2022 09:32:21 GMT
6.5b3cd0a02202c16cafe1.js
bvag.com.vn/online/online/
10 KB
4 KB
Script
General
Full URL
https://bvag.com.vn/online/online/6.5b3cd0a02202c16cafe1.js
Requested by
Host: bvag.com.vn
URL: https://bvag.com.vn/online/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
103.139.102.102 , Viet Nam, ASN18403 (FPT-AS-AP FPT Telecom Company, VN),
Reverse DNS
cp102.onedata.vn
Software
LiteSpeed /
Resource Hash
b9604d30a8683bad79484fa54b564e8f976b630506f2b9a6d9359c826359a09c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bvag.com.vn/online/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 09:32:21 GMT
content-encoding
br
last-modified
Thu, 06 May 2021 09:06:38 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
3630
expires
Tue, 05 Apr 2022 09:32:21 GMT
26.5b3cd0a02202c16cafe1.js
bvag.com.vn/online/online/
11 KB
3 KB
Script
General
Full URL
https://bvag.com.vn/online/online/26.5b3cd0a02202c16cafe1.js
Requested by
Host: bvag.com.vn
URL: https://bvag.com.vn/online/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
103.139.102.102 , Viet Nam, ASN18403 (FPT-AS-AP FPT Telecom Company, VN),
Reverse DNS
cp102.onedata.vn
Software
LiteSpeed /
Resource Hash
1631be89735026f4f6bea7e04e0754d305c33311ad8224666424f08c7ce9cd57

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bvag.com.vn/online/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 09:32:21 GMT
content-encoding
br
last-modified
Thu, 06 May 2021 09:06:42 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
3486
expires
Tue, 05 Apr 2022 09:32:21 GMT
0197659eaac436e5082dd8b8f0f5edc3.png
bvag.com.vn/online/online/
4 KB
4 KB
Image
General
Full URL
https://bvag.com.vn/online/online/0197659eaac436e5082dd8b8f0f5edc3.png
Requested by
Host: bvag.com.vn
URL: https://bvag.com.vn/online/login
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
103.139.102.102 , Viet Nam, ASN18403 (FPT-AS-AP FPT Telecom Company, VN),
Reverse DNS
cp102.onedata.vn
Software
LiteSpeed /
Resource Hash
46644f655d69d30a39e701d2927ce0969a921c99bb7dd73d8747455c4526b6d6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bvag.com.vn/online/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 09:32:22 GMT
last-modified
Thu, 06 May 2021 09:06:14 GMT
server
LiteSpeed
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length
3771
expires
Tue, 05 Apr 2022 09:32:22 GMT
1200px-BancNet_logo.svg.png
upload.wikimedia.org/wikipedia/commons/thumb/5/57/BancNet_logo.svg/
34 KB
35 KB
Image
General
Full URL
https://upload.wikimedia.org/wikipedia/commons/thumb/5/57/BancNet_logo.svg/1200px-BancNet_logo.svg.png
Requested by
Host: bvag.com.vn
URL: https://bvag.com.vn/online/login
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:0:862:ed1a::2:b , United States, ASN14907 (WIKIMEDIA, US),
Reverse DNS
Software
ATS/8.0.8 /
Resource Hash
5f5511cd77d6e5c9fccd39b64ee72d020ee980e3dc71150899d10705a52c0458
Security Headers
Name Value
Strict-Transport-Security max-age=106384710; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bvag.com.vn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 08:50:20 GMT
nel
{ "report_to": "wm_nel", "max_age": 86400, "failure_fraction": 0.05, "success_fraction": 0.0}
age
2524
x-cache-status
hit-front
x-cache
cp3055 hit, cp3055 hit/1
content-disposition
inline;filename*=UTF-8''BancNet_logo.svg.png
server-timing
cache;desc="hit-front", host;desc="cp3055"
content-length
34372
x-client-ip
2001:ac8:20:3b00:1012:3bb1:99b0:54b9
accept-ranges
bytes
last-modified
Thu, 20 Jan 2022 02:13:18 GMT
server
ATS/8.0.8
etag
2849a2793000b5d2ebd84239172b0709
strict-transport-security
max-age=106384710; includeSubDomains; preload
report-to
{ "group": "wm_nel", "max_age": 86400, "endpoints": [{ "url": "https://intake-logging.wikimedia.org/v1/events?stream=w3c.reportingapi.network_error&schema_uri=/w3c/reportingapi/network_error/1.0.0" }] }
content-type
image/png
access-control-allow-origin
*
x-timestamp
1642644797.73347
permissions-policy
interest-cohort=(),ch-ua-arch=(self "intake-analytics.wikimedia.org"),ch-ua-bitness=(self "intake-analytics.wikimedia.org"),ch-ua-full-version-list=(self "intake-analytics.wikimedia.org"),ch-ua-model=(self "intake-analytics.wikimedia.org"),ch-ua-platform-version=(self "intake-analytics.wikimedia.org")
accept-ch
Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version
timing-allow-origin
*
access-control-expose-headers
Age, Date, Content-Length, Content-Range, X-Content-Duration, X-Cache
58cfe04e893f01896e517ae625751e6a.png
online.unionbankph.com/online-banking/
0
0
Image
General
Full URL
https://online.unionbankph.com/online-banking/58cfe04e893f01896e517ae625751e6a.png
Requested by
Host: bvag.com.vn
URL: https://bvag.com.vn/online/login
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
95.101.88.73 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a95-101-88-73.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bvag.com.vn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

css
fonts.googleapis.com/
7 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto:400,700|Open+Sans:300
Requested by
Host: bvag.com.vn
URL: https://bvag.com.vn/online/online/bundle.5b3cd0a02202c16cafe1.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
f4c4ed92404060a6bf8df17e25941efbe8d8bff4b22a5a458a1e4af19d864cc9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bvag.com.vn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 29 Mar 2022 09:32:23 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Tue, 29 Mar 2022 09:32:23 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 29 Mar 2022 09:32:23 GMT
font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/
30 KB
7 KB
Stylesheet
General
Full URL
https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Requested by
Host: bvag.com.vn
URL: https://bvag.com.vn/online/online/bundle.5b3cd0a02202c16cafe1.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bvag.com.vn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 09:32:23 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
cdn-edgestorageid
722, 617
age
1605889
cdn-cachedat
2021-03-10 20:26:20
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
timing-allow-origin
*
access-control-allow-origin
*
last-modified
Mon, 25 Jan 2021 22:04:55 GMT
server
cloudflare
cdn-requestpullcode
200
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/css; charset=utf-8
cdn-cache
HIT
vary
Accept-Encoding
cache-control
public, max-age=31919000
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid
e55ae71d8339ddb30e4376a027623d28
cf-ray
6f3799171cc10204-ZRH
cdn-requestcountrycode
CH
cdn-requestpullsuccess
True
04aa55f8de2e368f5621bbfb4c0c67e2.jpg
bvag.com.vn/online/online/
325 KB
326 KB
Image
General
Full URL
https://bvag.com.vn/online/online/04aa55f8de2e368f5621bbfb4c0c67e2.jpg
Requested by
Host: bvag.com.vn
URL: https://bvag.com.vn/online/login
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
103.139.102.102 , Viet Nam, ASN18403 (FPT-AS-AP FPT Telecom Company, VN),
Reverse DNS
cp102.onedata.vn
Software
LiteSpeed /
Resource Hash
ff2746f58870ea29115010a06010d45f9a584b9798a80c5114a30cc39ab777b1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bvag.com.vn/online/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 09:32:22 GMT
last-modified
Thu, 06 May 2021 09:06:16 GMT
server
LiteSpeed
content-type
image/jpeg
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
333216
expires
Tue, 05 Apr 2022 09:32:22 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v29/
15 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,700|Open+Sans:300
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://bvag.com.vn
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Tue, 22 Mar 2022 20:07:55 GMT
x-content-type-options
nosniff
age
566668
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15828
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:28 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 22 Mar 2023 20:07:55 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v29/
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,700|Open+Sans:300
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://bvag.com.vn
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Tue, 22 Mar 2022 18:59:49 GMT
x-content-type-options
nosniff
age
570754
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15688
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:19 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 22 Mar 2023 18:59:49 GMT

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Union Bank of the Philippines (Banking)

4 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  • function| structuredClone
  • object| oncontextlost
  • object| oncontextrestored
  • function| showPassword

1 Cookies

Domain/Path: bvag.com.vn/
Name: PHPSESSID
Value: 5df273b59642c2c6faa0ecceb07e1c1f

1 Console Messages

Source: network
Level: error
URL: https://online.unionbankph.com/online-banking/58cfe04e893f01896e517ae625751e6a.png
Message: Failed to load resource: the server responded with a status of 404 (Not Found)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
