ausupport.sungwoom.com Open in urlscan Pro
181.214.58.104 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://ausupport.sungwoom.com/
Effective URL:
https://ausupport.sungwoom.com/login
Submission: On November 29 via manual (November 29th 2024, 3:13:53 am UTC) from JP — Scanned from JP

Summary HTTP 24 Redirects Behaviour Indicators

Summary

This website contacted 2 IPs in 1 countries across 1 domains to perform 24 HTTP transactions. The main IP is 181.214.58.104, located in Chisinau, Moldova and belongs to INFOTECH-GRUP S.C. INFOTECH-GRUP S.R.L., MD. The main domain is ausupport.sungwoom.com.
TLS certificate: Issued by R10 on November 27th 2024. Valid for: 3 months.

This is the only time ausupport.sungwoom.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: au Jibun Bank (Financial)

Domain & IP information

	IP Address		AS Autonomous System
1 15	181.214.58.104 181.214.58.104		201670 (INFOTECH-...) (INFOTECH-GRUP S.C. INFOTECH-GRUP S.R.L.)
24	2

15 181.214.58.104 (Chisinau, Moldova) 1 redirects

ASN201670 (INFOTECH-GRUP S.C. INFOTECH-GRUP S.R.L., MD)
PTR: webooo

ausupport.sungwoom.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
15	sungwoom.com 1 redirects ausupport.sungwoom.com	281 KB
24	1

	Domain	Requested by
15	ausupport.sungwoom.com	1 redirects ausupport.sungwoom.com
24	1

This site contains no links.

Subject Issuer	Validity	Valid
ausupport.sungwoom.com R10	`2024-11-27` - `2025-02-25`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://ausupport.sungwoom.com/login
Frame ID: 0588F230745DDA647190FBF0C6FCBEDD
Requests: 24 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

ログイン | auじぶん銀行

Page URL History Show full URLs

https://ausupport.sungwoom.com/ HTTP 302
https://ausupport.sungwoom.com/login Page URL

Detected technologies

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

24
Requests

58 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

2
IPs

1
Countries

281 kB
Transfer

1122 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://ausupport.sungwoom.com/ HTTP 302
https://ausupport.sungwoom.com/login Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

24 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request login Show response
ausupport.sungwoom.com/
Redirect Chain

https://ausupport.sungwoom.com/
https://ausupport.sungwoom.com/login

25 KB
6 KB

954ms
954ms

Document
text/html

181.214.58.104
INFOTECH-GRUP S.C...

General

Check archive.org

Show headers Download Go to

Full URL

https://ausupport.sungwoom.com/login

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

181.214.58.104 Chisinau, Moldova, ASN201670 (INFOTECH-GRUP S.C. INFOTECH-GRUP S.R.L., MD),

Reverse DNS

webooo

Software

nginx /

Resource Hash

9bd28e6f17fe97fc25ca23e3db4443c823ae4c230eef543ea6d4a9ad32805c8e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://au-ezwebserviceappsacces-billspaymentfailserror.188-166-153-183.cprapid.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.5 Mobile/15E148 Safari/604.1

Response headers

cache-control: no-cache
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Fri, 29 Nov 2024 03:13:42 GMT
server: nginx
strict-transport-security: max-age=31536000
vary: Accept-Encoding

Redirect headers

cache-control: no-cache,must-revalidate no-cache
content-type: text/html; charset=utf-8
date: Fri, 29 Nov 2024 03:13:41 GMT
location: login
server: nginx
strict-transport-security: max-age=31536000

GET
H2 200 jquery-3.7.1.min.js Show response
ausupport.sungwoom.com/com/ 85 KB
34 KB 2156ms
2150ms Script
application/javascript 181.214.58.104
INFOTECH-GRUP S.C...

General

Check archive.org

Show headers Download Go to

Full URL

https://ausupport.sungwoom.com/com/jquery-3.7.1.min.js

Requested by

Host: ausupport.sungwoom.com
URL: https://ausupport.sungwoom.com/login

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

181.214.58.104 Chisinau, Moldova, ASN201670 (INFOTECH-GRUP S.C. INFOTECH-GRUP S.R.L., MD),

Reverse DNS

webooo

Software

nginx /

Resource Hash

fc9a93dd241f6b045cbff0481cf4e1901becd0e12fb45166a8f17f95823f0b1a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.5 Mobile/15E148 Safari/604.1
Referer: https://ausupport.sungwoom.com/login

Response headers

strict-transport-security: max-age=31536000
cache-control: max-age=60
content-encoding: gzip
etag: W/"65ac216a-155ed"
expires: Fri, 29 Nov 2024 03:14:43 GMT
x-cache: HIT
date: Fri, 29 Nov 2024 03:13:43 GMT
content-type: application/javascript
last-modified: Sat, 20 Jan 2024 19:39:22 GMT
server: nginx
vary: Accept-Encoding

GET
H2 200 all.js Show response
ausupport.sungwoom.com/au/ 256 KB
86 KB 2155ms
2150ms Script
application/javascript 181.214.58.104
INFOTECH-GRUP S.C...

General

Check archive.org

Show headers Download Go to

Full URL

https://ausupport.sungwoom.com/au/all.js

Requested by

Host: ausupport.sungwoom.com
URL: https://ausupport.sungwoom.com/login

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

181.214.58.104 Chisinau, Moldova, ASN201670 (INFOTECH-GRUP S.C. INFOTECH-GRUP S.R.L., MD),

Reverse DNS

webooo

Software

nginx /

Resource Hash

e8881877c2878d17c77087ae8395eeb362b57e2c41aa0970eca42ee2ad3cecbf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.5 Mobile/15E148 Safari/604.1
Referer: https://ausupport.sungwoom.com/login

Response headers

strict-transport-security: max-age=31536000
cache-control: max-age=60
content-encoding: gzip
etag: W/"66d09b84-3fe02"
expires: Fri, 29 Nov 2024 03:14:43 GMT
x-cache: HIT
date: Fri, 29 Nov 2024 03:13:43 GMT
content-type: application/javascript
last-modified: Thu, 29 Aug 2024 16:02:12 GMT
server: nginx
vary: Accept-Encoding

GET
H2 200 app.js Show response
ausupport.sungwoom.com/au/ 190 KB
42 KB 2155ms
2150ms Script
application/javascript 181.214.58.104
INFOTECH-GRUP S.C...

General

Check archive.org

Show headers Download Go to

Full URL

https://ausupport.sungwoom.com/au/app.js

Requested by

Host: ausupport.sungwoom.com
URL: https://ausupport.sungwoom.com/login

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

181.214.58.104 Chisinau, Moldova, ASN201670 (INFOTECH-GRUP S.C. INFOTECH-GRUP S.R.L., MD),

Reverse DNS

webooo

Software

nginx /

Resource Hash

4cf9036abe69464fdacd45e96d84ef45400515e75cfa4a1411b2a6d23e286fc8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.5 Mobile/15E148 Safari/604.1
Referer: https://ausupport.sungwoom.com/login

Response headers

strict-transport-security: max-age=31536000
cache-control: max-age=60
content-encoding: gzip
etag: W/"66d09b84-2f731"
expires: Fri, 29 Nov 2024 03:14:43 GMT
x-cache: HIT
date: Fri, 29 Nov 2024 03:13:43 GMT
content-type: application/javascript
last-modified: Thu, 29 Aug 2024 16:02:12 GMT
server: nginx
vary: Accept-Encoding

GET
H2 200 style.css
ausupport.sungwoom.com/au/ 516 KB
84 KB 332ms
328ms Stylesheet
text/css 181.214.58.104
INFOTECH-GRUP S.C...

General

Check archive.org

Show headers Download Go to

Full URL

https://ausupport.sungwoom.com/au/style.css

Requested by

Host: ausupport.sungwoom.com
URL: https://ausupport.sungwoom.com/login

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

181.214.58.104 Chisinau, Moldova, ASN201670 (INFOTECH-GRUP S.C. INFOTECH-GRUP S.R.L., MD),

Reverse DNS

webooo

Software

nginx /

Resource Hash

8b60c08aff3a9cbb12ba803392edbb6a9067b798ea1a433c0fc969f5054ee3a0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.5 Mobile/15E148 Safari/604.1
Referer: https://ausupport.sungwoom.com/login

Response headers

strict-transport-security: max-age=31536000
cache-control: max-age=60
content-encoding: gzip
etag: W/"66d0adae-80ef4"
expires: Fri, 29 Nov 2024 03:14:42 GMT
x-cache: HIT
date: Fri, 29 Nov 2024 03:13:42 GMT
content-type: text/css
last-modified: Thu, 29 Aug 2024 17:19:42 GMT
server: nginx
vary: Accept-Encoding

GET
H2 200 common.js Show response
ausupport.sungwoom.com/au/ 4 KB
2 KB 2154ms
2151ms Script
application/javascript 181.214.58.104
INFOTECH-GRUP S.C...

General

Check archive.org

Show headers Download Go to

Full URL

https://ausupport.sungwoom.com/au/common.js

Requested by

Host: ausupport.sungwoom.com
URL: https://ausupport.sungwoom.com/login

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

181.214.58.104 Chisinau, Moldova, ASN201670 (INFOTECH-GRUP S.C. INFOTECH-GRUP S.R.L., MD),

Reverse DNS

webooo

Software

nginx /

Resource Hash

cf13c4419977d2f686600b263e163329da325e3291a0a66d0de22b9808066d15

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.5 Mobile/15E148 Safari/604.1
Referer: https://ausupport.sungwoom.com/login

Response headers

strict-transport-security: max-age=31536000
cache-control: max-age=60
content-encoding: gzip
etag: W/"66d09b84-11eb"
expires: Fri, 29 Nov 2024 03:14:43 GMT
x-cache: HIT
date: Fri, 29 Nov 2024 03:13:43 GMT
content-type: application/javascript
last-modified: Thu, 29 Aug 2024 16:02:12 GMT
server: nginx
vary: Accept-Encoding

GET
H2 200 extended_timeout.js Show response
ausupport.sungwoom.com/au/ 3 KB
2 KB 2154ms
2151ms Script
application/javascript 181.214.58.104
INFOTECH-GRUP S.C...

General

Check archive.org

Show headers Download Go to

Full URL

https://ausupport.sungwoom.com/au/extended_timeout.js

Requested by

Host: ausupport.sungwoom.com
URL: https://ausupport.sungwoom.com/login

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

181.214.58.104 Chisinau, Moldova, ASN201670 (INFOTECH-GRUP S.C. INFOTECH-GRUP S.R.L., MD),

Reverse DNS

webooo

Software

nginx /

Resource Hash

7644ed95768ef11745d9721a02060a8cddc9d99ff6e6abfc79f24d6093e3e4cc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.5 Mobile/15E148 Safari/604.1
Referer: https://ausupport.sungwoom.com/login

Response headers

strict-transport-security: max-age=31536000
cache-control: max-age=60
content-encoding: gzip
etag: W/"66d09b84-d06"
expires: Fri, 29 Nov 2024 03:14:43 GMT
x-cache: HIT
date: Fri, 29 Nov 2024 03:13:43 GMT
content-type: application/javascript
last-modified: Thu, 29 Aug 2024 16:02:12 GMT
server: nginx
vary: Accept-Encoding

GET
H2 200 loading.css
ausupport.sungwoom.com/au/ 4 KB
1 KB 2152ms
2149ms Stylesheet
text/css 181.214.58.104
INFOTECH-GRUP S.C...

General

Check archive.org

Show headers Download Go to

Full URL

https://ausupport.sungwoom.com/au/loading.css

Requested by

Host: ausupport.sungwoom.com
URL: https://ausupport.sungwoom.com/login

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

181.214.58.104 Chisinau, Moldova, ASN201670 (INFOTECH-GRUP S.C. INFOTECH-GRUP S.R.L., MD),

Reverse DNS

webooo

Software

nginx /

Resource Hash

5779854489c6d1cd097b534efd6ce86b9624569a098c8df39d1a06ea818404fa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.5 Mobile/15E148 Safari/604.1
Referer: https://ausupport.sungwoom.com/login

Response headers

strict-transport-security: max-age=31536000
cache-control: max-age=60
content-encoding: gzip
etag: W/"65a78b42-1169"
expires: Fri, 29 Nov 2024 03:14:42 GMT
x-cache: HIT
date: Fri, 29 Nov 2024 03:13:42 GMT
content-type: text/css
last-modified: Wed, 17 Jan 2024 08:09:38 GMT
server: nginx
vary: Accept-Encoding

GET
H2 200 img_site-logo_pc.png
ausupport.sungwoom.com/au/ 2 KB
2 KB 2155ms
2153ms Image
image/png 181.214.58.104
INFOTECH-GRUP S.C...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ausupport.sungwoom.com/au/img_site-logo_pc.png

Requested by

Host: ausupport.sungwoom.com
URL: https://ausupport.sungwoom.com/login

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

181.214.58.104 Chisinau, Moldova, ASN201670 (INFOTECH-GRUP S.C. INFOTECH-GRUP S.R.L., MD),

Reverse DNS

webooo

Software

nginx /

Resource Hash

c4da264867121b9f488748d2536849b092ba8df1e0529b45c4fa146d20d54b4c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.5 Mobile/15E148 Safari/604.1
Referer: https://ausupport.sungwoom.com/login

Response headers

strict-transport-security: max-age=31536000
cache-control: max-age=60
content-encoding: gzip
etag: W/"66d09b8c-86a"
expires: Fri, 29 Nov 2024 03:14:43 GMT
x-cache: HIT
date: Fri, 29 Nov 2024 03:13:43 GMT
content-type: image/png
last-modified: Thu, 29 Aug 2024 16:02:20 GMT
server: nginx
vary: Accept-Encoding

GET
H2 200 img_site-logo_sp.png
ausupport.sungwoom.com/au/ 2 KB
2 KB 2154ms
2153ms Image
image/png 181.214.58.104
INFOTECH-GRUP S.C...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ausupport.sungwoom.com/au/img_site-logo_sp.png

Requested by

Host: ausupport.sungwoom.com
URL: https://ausupport.sungwoom.com/login

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

181.214.58.104 Chisinau, Moldova, ASN201670 (INFOTECH-GRUP S.C. INFOTECH-GRUP S.R.L., MD),

Reverse DNS

webooo

Software

nginx /

Resource Hash

e557e6c5f8c1025b144bbca671c314820302284a1ab5c6f4151bc39de0d7b413

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.5 Mobile/15E148 Safari/604.1
Referer: https://ausupport.sungwoom.com/login

Response headers

strict-transport-security: max-age=31536000
cache-control: max-age=60
content-encoding: gzip
etag: W/"66d09b8e-725"
expires: Fri, 29 Nov 2024 03:14:43 GMT
x-cache: HIT
date: Fri, 29 Nov 2024 03:13:43 GMT
content-type: image/png
last-modified: Thu, 29 Aug 2024 16:02:22 GMT
server: nginx
vary: Accept-Encoding

GET
H2 200 before_auth.css
ausupport.sungwoom.com/au/ 447 B
670 B 410ms
406ms Stylesheet
text/css 181.214.58.104
INFOTECH-GRUP S.C...

General

Check archive.org

Show headers Download Go to

Full URL

https://ausupport.sungwoom.com/au/before_auth.css

Requested by

Host: ausupport.sungwoom.com
URL: https://ausupport.sungwoom.com/login

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

181.214.58.104 Chisinau, Moldova, ASN201670 (INFOTECH-GRUP S.C. INFOTECH-GRUP S.R.L., MD),

Reverse DNS

webooo

Software

nginx /

Resource Hash

6b2cfc91bcb1bcdf077aad92873045da05e3fc81706797e120ff7384a8cdbd3d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.5 Mobile/15E148 Safari/604.1
Referer: https://ausupport.sungwoom.com/login

Response headers

strict-transport-security: max-age=31536000
cache-control: max-age=60
etag: "66d09b8e-1bf"
expires: Fri, 29 Nov 2024 03:14:49 GMT
accept-ranges: bytes
x-cache: HIT
content-length: 447
date: Fri, 29 Nov 2024 03:13:49 GMT
content-type: text/css
last-modified: Thu, 29 Aug 2024 16:02:22 GMT
server: nginx

GET question.svg
ausupport.sungwoom.com/au/ 0
0

GET
H2 200 digicert.png
ausupport.sungwoom.com/au/ 2 KB
3 KB 1060ms
1058ms Image
image/png 181.214.58.104
INFOTECH-GRUP S.C...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ausupport.sungwoom.com/au/digicert.png

Requested by

Host: ausupport.sungwoom.com
URL: https://ausupport.sungwoom.com/login

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

181.214.58.104 Chisinau, Moldova, ASN201670 (INFOTECH-GRUP S.C. INFOTECH-GRUP S.R.L., MD),

Reverse DNS

webooo

Software

nginx /

Resource Hash

bd9d68d5f1fd010ffa592493f6993df3f33b9965574d3fe530cc1a5729375955

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.5 Mobile/15E148 Safari/604.1
Referer: https://ausupport.sungwoom.com/login

Response headers

strict-transport-security: max-age=31536000
cache-control: max-age=60
content-encoding: gzip
etag: W/"66d0a5ec-9b6"
expires: Fri, 29 Nov 2024 03:14:49 GMT
x-cache: HIT
date: Fri, 29 Nov 2024 03:13:49 GMT
content-type: image/png
last-modified: Thu, 29 Aug 2024 16:46:36 GMT
server: nginx
vary: Accept-Encoding

GET
H2 200 p_img04.png
ausupport.sungwoom.com/au/ 16 KB
16 KB 1620ms
1619ms Image
image/png 181.214.58.104
INFOTECH-GRUP S.C...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ausupport.sungwoom.com/au/p_img04.png

Requested by

Host: ausupport.sungwoom.com
URL: https://ausupport.sungwoom.com/login

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

181.214.58.104 Chisinau, Moldova, ASN201670 (INFOTECH-GRUP S.C. INFOTECH-GRUP S.R.L., MD),

Reverse DNS

webooo

Software

nginx /

Resource Hash

c609fb5ed551e96146c94fda8123ece55768e24305cabc162965160b7b5d0349

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.5 Mobile/15E148 Safari/604.1
Referer: https://ausupport.sungwoom.com/login

Response headers

strict-transport-security: max-age=31536000
cache-control: max-age=60
content-encoding: gzip
etag: W/"66d09b8e-4021"
expires: Fri, 29 Nov 2024 03:14:49 GMT
x-cache: HIT
date: Fri, 29 Nov 2024 03:13:49 GMT
content-type: image/png
last-modified: Thu, 29 Aug 2024 16:02:22 GMT
server: nginx
vary: Accept-Encoding

GET p_img05.png
ausupport.sungwoom.com/au/ 0
0

GET p_img06.png
ausupport.sungwoom.com/au/ 0
0

GET bf.png
ausupport.sungwoom.com/au/ 0
0

GET layui.js
ausupport.sungwoom.com/layui280r2/ 0
0

GET layui.css
ausupport.sungwoom.com/layui280r2/css/ 0
0

GET NotoSansCJKjp-RegularSubset.woff
ausupport.sungwoom.com/au/ 0
0

GET
H2 200 p_img04.png
ausupport.sungwoom.com/au/ 16 KB
0 1239ms
1239ms Image
image/png 181.214.58.104
INFOTECH-GRUP S.C...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ausupport.sungwoom.com/au/p_img04.png
Requested by: Host: ausupport.sungwoom.com
URL: https://ausupport.sungwoom.com/login
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 181.214.58.104 Chisinau, Moldova, ASN201670 (INFOTECH-GRUP S.C. INFOTECH-GRUP S.R.L., MD),
Reverse DNS: webooo
Software: nginx /
Resource Hash: c609fb5ed551e96146c94fda8123ece55768e24305cabc162965160b7b5d0349

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.5 Mobile/15E148 Safari/604.1
Referer: https://ausupport.sungwoom.com/login

Response headers

cache-control: max-age=60
content-encoding: gzip
etag: W/"66d09b8e-4021"
expires: Fri, 29 Nov 2024 03:14:49 GMT
x-cache: HIT
date: Fri, 29 Nov 2024 03:13:49 GMT
content-type: image/png
last-modified: Thu, 29 Aug 2024 16:02:22 GMT
server: nginx
vary: Accept-Encoding

GET p_img05.png
ausupport.sungwoom.com/au/ 0
0

GET p_img06.png
ausupport.sungwoom.com/au/ 0
0

GET NotoSansCJKjp-MediumSubset.woff
ausupport.sungwoom.com/au/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: ausupport.sungwoom.com
URL: https://ausupport.sungwoom.com/au/question.svg

Domain: ausupport.sungwoom.com
URL: https://ausupport.sungwoom.com/au/p_img05.png

Domain: ausupport.sungwoom.com
URL: https://ausupport.sungwoom.com/au/p_img06.png

Domain: ausupport.sungwoom.com
URL: https://ausupport.sungwoom.com/au/bf.png

Domain: ausupport.sungwoom.com
URL: https://ausupport.sungwoom.com/layui280r2/layui.js

Domain: ausupport.sungwoom.com
URL: https://ausupport.sungwoom.com/layui280r2/css/layui.css

Domain: ausupport.sungwoom.com
URL: https://ausupport.sungwoom.com/au/NotoSansCJKjp-RegularSubset.woff

Domain: ausupport.sungwoom.com
URL: https://ausupport.sungwoom.com/au/p_img05.png

Domain: ausupport.sungwoom.com
URL: https://ausupport.sungwoom.com/au/p_img06.png

Domain: ausupport.sungwoom.com
URL: https://ausupport.sungwoom.com/au/NotoSansCJKjp-MediumSubset.woff

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: au Jibun Bank (Financial)

16 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			ausupport.sungwoom.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: c57ce809225c1fb2b5a11e7277303ef2

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
intervention	info	URL: https://ausupport.sungwoom.com/login(Line 377) Message: Slow network is detected. See https://www.chromestatus.com/feature/5636954674692096 for more details. Fallback font will be used while loading: https://ausupport.sungwoom.com/au/NotoSansCJKjp-RegularSubset.woff
intervention	info	URL: https://ausupport.sungwoom.com/login Message: Slow network is detected. See https://www.chromestatus.com/feature/5636954674692096 for more details. Fallback font will be used while loading: https://ausupport.sungwoom.com/au/NotoSansCJKjp-MediumSubset.woff

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ausupport.sungwoom.com
ausupport.sungwoom.com
181.214.58.104
4cf9036abe69464fdacd45e96d84ef45400515e75cfa4a1411b2a6d23e286fc8
5779854489c6d1cd097b534efd6ce86b9624569a098c8df39d1a06ea818404fa
6b2cfc91bcb1bcdf077aad92873045da05e3fc81706797e120ff7384a8cdbd3d
7644ed95768ef11745d9721a02060a8cddc9d99ff6e6abfc79f24d6093e3e4cc
8b60c08aff3a9cbb12ba803392edbb6a9067b798ea1a433c0fc969f5054ee3a0
9bd28e6f17fe97fc25ca23e3db4443c823ae4c230eef543ea6d4a9ad32805c8e
bd9d68d5f1fd010ffa592493f6993df3f33b9965574d3fe530cc1a5729375955
c4da264867121b9f488748d2536849b092ba8df1e0529b45c4fa146d20d54b4c
c609fb5ed551e96146c94fda8123ece55768e24305cabc162965160b7b5d0349
cf13c4419977d2f686600b263e163329da325e3291a0a66d0de22b9808066d15
e557e6c5f8c1025b144bbca671c314820302284a1ab5c6f4151bc39de0d7b413
e8881877c2878d17c77087ae8395eeb362b57e2c41aa0970eca42ee2ad3cecbf
fc9a93dd241f6b045cbff0481cf4e1901becd0e12fb45166a8f17f95823f0b1a

ausupport.sungwoom.com Open in urlscan Pro 181.214.58.104 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

24 Requests

58 %HTTPS

0 %IPv6

1 Domains

1 Subdomains

2 IPs

1 Countries

281 kBTransfer

1122 kBSize

1 Cookies

0 Outgoing links

Page URL History

Redirected requests

24 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

16 JavaScript Global Variables

1 Cookies

2 Console Messages

Security Headers

Indicators

ausupport.sungwoom.com Open in urlscan Pro
181.214.58.104 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

24
Requests

58 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

2
IPs

1
Countries

281 kB
Transfer

1122 kB
Size

1
Cookies

24 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!