amstamvovan.cfd Open in urlscan Pro
172.67.141.167 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://amstamvovan.cfd/
Effective URL:
https://amstamvovan.cfd/
Submission: On July 24 via api (July 24th 2024, 7:32:04 pm UTC) from NL — Scanned from NL

Summary HTTP 18 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 3 IPs in 3 countries across 3 domains to perform 18 HTTP transactions. The main IP is 172.67.141.167, located in United States and belongs to CLOUDFLARENET, US. The main domain is amstamvovan.cfd.
TLS certificate: Issued by WE1 on July 23rd 2024. Valid for: 3 months.

This is the only time amstamvovan.cfd was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Facebook (Social Network)

Domain & IP information

	IP Address	AS Autonomous System
15	172.67.141.167 172.67.141.167	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:800::200a	15169 (GOOGLE) (GOOGLE)
2	113.171.66.18 113.171.66.18	45899 (VNPT-AS-V...) (VNPT-AS-VN VNPT Corp)
18	3

15 172.67.141.167 (United States)

ASN13335 (CLOUDFLARENET, US)

amstamvovan.cfd	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

firebasestorage.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 113.171.66.18 (Viet Tri, Viet Nam)

ASN45899 (VNPT-AS-VN VNPT Corp, VN)
PTR: static.vnpt.vn

scontent.fhan4-3.fna.fbcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
15	amstamvovan.cfd amstamvovan.cfd	267 KB
2	fbcdn.net scontent.fhan4-3.fna.fbcdn.net — Cisco Umbrella Rank: 31342	640 B
1	googleapis.com firebasestorage.googleapis.com — Cisco Umbrella Rank: 6369	6 KB
18	3

	Domain	Requested by
15	amstamvovan.cfd	amstamvovan.cfd
2	scontent.fhan4-3.fna.fbcdn.net	amstamvovan.cfd
1	firebasestorage.googleapis.com	amstamvovan.cfd
18	3

This site contains links to these domains. Also see Links.

Domain
about.meta.com
www.facebook.com

Subject Issuer	Validity	Valid
amstamvovan.cfd WE1	`2024-07-23` - `2024-10-21`	3 months	crt.sh
upload.video.google.com WR2	`2024-07-01` - `2024-09-23`	3 months	crt.sh
*.fhan4-3.fna.fbcdn.net DigiCert SHA2 High Assurance Server CA	`2024-06-04` - `2024-09-02`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://amstamvovan.cfd/
Frame ID: 566ABA56C61DB9AD64FDB9AF862C70CE
Requests: 18 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Meta

Page URL History Show full URLs

http://amstamvovan.cfd/ HTTP 307
https://amstamvovan.cfd/ Page URL

Page Statistics

18
Requests

100 %
HTTPS

33 %
IPv6

3
Domains

3
Subdomains

3
IPs

3
Countries

273 kB
Transfer

992 kB
Size

0
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: https://about.meta.com/
Title: About

Search URL Search Domain Scan URL

URL: https://www.facebook.com/careers/
Title: Careers

Search URL Search Domain Scan URL

URL: https://www.facebook.com/help/568137493302217
Title: Ad choices

Search URL Search Domain Scan URL

URL: https://www.facebook.com/policies
Title: Terms & Policies

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://amstamvovan.cfd/ HTTP 307
https://amstamvovan.cfd/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

18 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H3	200	Primary Request / Show response amstamvovan.cfd/ Redirect Chain http://amstamvovan.cfd/ https://amstamvovan.cfd/	17 KB 5 KB	1160ms 276ms	Document text/html	172.67.141.167 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://amstamvovan.cfd/ Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.141.167 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Next.js Resource Hash `845a30df6290baa441e6f804f32ed0007e9c4534a3204d9175914b329a63e33b` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers alt-svc h3=":443"; ma=86400 cache-control s-maxage=31536000, stale-while-revalidate cf-cache-status DYNAMIC cf-ray 8a865513dfe80493-FRA content-encoding br content-type text/html; charset=utf-8 date Wed, 24 Jul 2024 19:31:46 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bt8sNaWS185ssQoVMGnqKNA2s0XeQCXWqTHX3p9BqbjURjRw8tKUO8849VdaUR8nyNg4Lm54wrt4NpB92yZxFuIDNOzH%2BRqrG8smxPKJiChj4Elra%2BGVYF6iZ%2FkXsuMXkBQ%3D"}],"group":"cf-nel","max_age":604800} server cloudflare vary RSC, Next-Router-State-Tree, Next-Router-Prefetch, Next-Url, Accept-Encoding x-nextjs-cache HIT x-powered-by Next.js Redirect headers Location https://amstamvovan.cfd/ Non-Authoritative-Reason HttpsUpgrades
GET H3	200	c9a5bc6a7c948fb0-s.p.woff2 amstamvovan.cfd/_next/static/media/	45 KB 46 KB	468ms 447ms	Font font/woff2	172.67.141.167 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://amstamvovan.cfd/_next/static/media/c9a5bc6a7c948fb0-s.p.woff2 Requested by Host: amstamvovan.cfd URL: https://amstamvovan.cfd/ Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.141.167 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `3bcf04ca301e44f13f404c8a04aa4ae707f67a950e12ef30c238f96e784266a1` Request headers Referer https://amstamvovan.cfd/ Origin https://amstamvovan.cfd User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Wed, 24 Jul 2024 19:31:46 GMT cf-cache-status MISS last-modified Wed, 24 Jul 2024 08:51:30 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"b5d8-190e3f03d25" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nckbqfYPTLvsB23d21Fr2%2Fv1eedG7tIVHIytOZOi1PPPdG%2FZgzpM5TpDsIi40pITzfnvWBoElT38pl3QMEO%2Bzp5PmQymIboQ72kfZZdY3%2BZ6YbJIsrYC%2BlETN%2BeTNcH0piE%3D"}],"group":"cf-nel","max_age":604800} content-type font/woff2 cache-control public, max-age=31536000, immutable accept-ranges bytes cf-ray 8a8655163b830493-FRA alt-svc h3=":443"; ma=86400 content-length 46552
GET H2	200	img_meta.png firebasestorage.googleapis.com/v0/b/asm-sevice.appspot.com/o/	5 KB 6 KB	896ms 696ms	Image image/png	2a00:1450:4001:800::200a GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://firebasestorage.googleapis.com/v0/b/asm-sevice.appspot.com/o/img_meta.png?alt=media&token=c3d7eeee-377a-4edd-8916-9f4996e615dc Requested by Host: amstamvovan.cfd URL: https://amstamvovan.cfd/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software UploadServer / Resource Hash `f85ae19942302afb33ddc15deb32e501c38ae71a83645fbdf96321b1443d4c55` Request headers Referer https://amstamvovan.cfd/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Wed, 24 Jul 2024 19:31:46 GMT x-guploader-uploadid AHxI1nMbJjJZDMvY_KOBjcWl9S8TXDHb8SxWLVpAUyiEYstXVxRTdKYvzsjHGrW-aJUZEk8PapM x-goog-storage-class STANDARD x-goog-metageneration 1 x-goog-stored-content-encoding identity content-disposition inline; filename=utf-8''img_meta.png alt-svc* h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 5127 last-modified Sat, 04 May 2024 09:40:07 GMT server UploadServer etag "3b365a98760b211155db1b2013fc89e9" x-goog-generation 1714815607378915 content-type image/png x-goog-hash crc32c=1Cl5Lg==, md5=OzZamHYLIRFV2xsgE/yJ6Q== cache-control private, max-age=0 x-goog-stored-content-length 5127 x-goog-meta-firebasestoragedownloadtokens c3d7eeee-377a-4edd-8916-9f4996e615dc accept-ranges bytes expires Wed, 24 Jul 2024 19:31:46 GMT
GET H3	200	146597050_455534749152435_1802453867954835002_n.svg scontent.fhan4-3.fna.fbcdn.net/v/t39.8562-6/	586 B 640 B	1359ms 604ms	Image image/svg+xml	113.171.66.18 VNPT-AS-VN VNPT Corp
General Check archive.org Show headers Download Go to Show image Full URL https://scontent.fhan4-3.fna.fbcdn.net/v/t39.8562-6/146597050_455534749152435_1802453867954835002_n.svg?_nc_cat=1&ccb=1-7&_nc_sid=f537c7&_nc_eui2=AeHRCRS5zUPFuDsLq76K7a65HUhtHHEGnXgdSG0ccQadeJgf-k2NsN5wOl-j3oA0k18QC9Y5sn9UIAx-aw1SqnuF&_nc_ohc=VzAJBzCSf84Q7kNvgE_5s7g&_nc_ht=scontent.fhan4-3.fna&oh=00_AYAL_x8N6Z3tImx7cHh1Htzm3C5XQ3bgFEZENOr1rEu5hg&oe=66A64898 Requested by Host: amstamvovan.cfd URL: https://amstamvovan.cfd/ Protocol H3 Security QUIC, , AES_128_GCM Server 113.171.66.18 Viet Tri, Viet Nam, ASN45899 (VNPT-AS-VN VNPT Corp, VN), Reverse DNS static.vnpt.vn Software / Resource Hash `aaede50f2432c07c5908316e0597f1a7139bab9888f3fc847424ba55d0b76965` Request headers Referer https://amstamvovan.cfd/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers x-fb-connection-quality MODERATE; q=0.3, rtt=332, rtx=0, c=29, mss=1232, tbw=11787, tp=17, tpl=0, uplat=0, ullat=-1 date Wed, 24 Jul 2024 19:31:47 GMT last-modified Wed, 03 Feb 2021 17:20:24 GMT content-type image/svg+xml access-control-allow-origin * x-fb-ptm-uuid A545BC1DEFC1A15E26FDA720BE510582 content-digest adler32=240165821 cache-control max-age=1209600, no-transform cross-origin-resource-policy cross-origin x-needle-checksum 240165821 accept-ranges bytes timing-allow-origin * alt-svc h3=":443"; ma=86400 content-length 586 priority u=3,i
GET H3	200	0fdd3f077818801d.css amstamvovan.cfd/_next/static/css/	223 KB 30 KB	467ms 446ms	Stylesheet text/css	172.67.141.167 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://amstamvovan.cfd/_next/static/css/0fdd3f077818801d.css Requested by Host: amstamvovan.cfd URL: https://amstamvovan.cfd/ Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.141.167 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `f15572c5b064fc08cb3176beb14aeecefd52fdf207bbfe4fa784c07ed8e13d45` Request headers Referer https://amstamvovan.cfd/ Origin https://amstamvovan.cfd User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Wed, 24 Jul 2024 19:31:46 GMT content-encoding gzip cf-cache-status MISS last-modified Wed, 24 Jul 2024 08:51:30 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"37b45-190e3f03d29" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8E%2FzUcpgC3lQEviWUBgIheuhBYo7GSaop8w6yAgkY0rKPa4o1%2FQVvEPm2UGUEuowUvAy1dFVqivI8UzsYOCj0CmGciINB1oWDQIAeKKG4QIrsua6Df%2FwDHAIvraN5%2Fko1V0%3D"}],"group":"cf-nel","max_age":604800} content-type text/css; charset=UTF-8 cache-control public, max-age=31536000, immutable cf-ray 8a8655163b840493-FRA alt-svc h3=":443"; ma=86400
GET H3	200	2c050afe50c92cf1.css amstamvovan.cfd/_next/static/css/	13 KB 3 KB	432ms 411ms	Stylesheet text/css	172.67.141.167 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://amstamvovan.cfd/_next/static/css/2c050afe50c92cf1.css Requested by Host: amstamvovan.cfd URL: https://amstamvovan.cfd/ Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.141.167 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `451344a2f47e3d2947dfcb22bd081028159b60b275db6f637feec96bc5528007` Request headers Referer https://amstamvovan.cfd/ Origin https://amstamvovan.cfd User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Wed, 24 Jul 2024 19:31:46 GMT content-encoding gzip cf-cache-status MISS last-modified Wed, 24 Jul 2024 08:51:30 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"35da-190e3f03d29" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=b8yo2DCOWBotFlYOwZVjsBeT3qH%2FjzX1JADMEik%2B1Na8%2BwUBhWDDHS2uroA53wIxzPgopQVPKy6TYlxNf35FSPfWr2ZJfin0qvPMjPjtQMlRFHgBt6nmQT0Q3oroFJPPNQw%3D"}],"group":"cf-nel","max_age":604800} content-type text/css; charset=UTF-8 cache-control public, max-age=31536000, immutable cf-ray 8a8655163b860493-FRA alt-svc h3=":443"; ma=86400
GET H3	200	d3df112486f97f47.css amstamvovan.cfd/_next/static/css/	223 KB 30 KB	463ms 441ms	Stylesheet text/css	172.67.141.167 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://amstamvovan.cfd/_next/static/css/d3df112486f97f47.css Requested by Host: amstamvovan.cfd URL: https://amstamvovan.cfd/ Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.141.167 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `bbe379b62770f4ea7a1efd904a23199a2d3a413f872e7a7c970b58656369cf4e` Request headers Referer https://amstamvovan.cfd/ Origin https://amstamvovan.cfd User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Wed, 24 Jul 2024 19:31:46 GMT content-encoding gzip cf-cache-status MISS last-modified Wed, 24 Jul 2024 08:51:30 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"37b40-190e3f03d29" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qB6ovBPWCvIc20LccHxbLEqR1ipsLs0C8M6KfshVa7C4Ms1watyqoqETmcmJwEIFxSQ4LIm4tsJwwrXPtu5jzc10LKmvvmPR546fJtlFSGl%2FRTR2kzTRQdQViROxzqtpU20%3D"}],"group":"cf-nel","max_age":604800} content-type text/css; charset=UTF-8 cache-control public, max-age=31536000, immutable cf-ray 8a8655163b870493-FRA alt-svc h3=":443"; ma=86400
GET H3	200	cb1d930da9b1fe93.css amstamvovan.cfd/_next/static/css/	5 KB 2 KB	234ms 212ms	Stylesheet text/css	172.67.141.167 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://amstamvovan.cfd/_next/static/css/cb1d930da9b1fe93.css Requested by Host: amstamvovan.cfd URL: https://amstamvovan.cfd/ Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.141.167 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `8dac27f7555251ec980511f3ee3e9c7817571d278ba0242afb54f974358bb4db` Request headers Referer https://amstamvovan.cfd/ Origin https://amstamvovan.cfd User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Wed, 24 Jul 2024 19:31:46 GMT content-encoding gzip cf-cache-status MISS last-modified Wed, 24 Jul 2024 08:51:30 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"1423-190e3f03d29" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kTIaN3kkQCwLuBZQhotRwCdWSIHu0COgqxpEyKRY0dNRN5mbnJQmUUZdUy2wx0sFw0m71hdijYSipr1XjERXX93nayb79sfn8mxSETX7kWqv%2BbqS4wtp4mQ%2BbIkndaLJg7I%3D"}],"group":"cf-nel","max_age":604800} content-type text/css; charset=UTF-8 cache-control public, max-age=31536000, immutable cf-ray 8a8655163b890493-FRA alt-svc h3=":443"; ma=86400
GET H3	200	webpack-7303aa4a63486b5b.js Show response amstamvovan.cfd/_next/static/chunks/	5 KB 2 KB	376ms 372ms	Script application/javascript	172.67.141.167 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://amstamvovan.cfd/_next/static/chunks/webpack-7303aa4a63486b5b.js Requested by Host: amstamvovan.cfd URL: https://amstamvovan.cfd/ Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.141.167 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `532c4249d1a1b40e36af1af0987bbd80acf17cf50a6e0743ec6b44a6cd16d80a` Request headers Referer https://amstamvovan.cfd/ Origin https://amstamvovan.cfd User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Wed, 24 Jul 2024 19:31:46 GMT content-encoding gzip cf-cache-status MISS last-modified Wed, 24 Jul 2024 08:51:30 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"1309-190e3f03d25" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SXNUYgX%2Fbs%2F9G1ZcLjUtQMYsvYN8TgxwDmFP3qNZycmktu6GMs%2F9jvd85TKdHVMEeCg45AyCFOlikBNlrknqHD2nmz9pPsy4w%2FCijn8BTD0Wrd7F5eVjUkZucvyRpBMR%2F%2Fo%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=UTF-8 cache-control public, max-age=31536000, immutable cf-ray 8a8655167be00493-FRA alt-svc h3=":443"; ma=86400
GET H3	200	fd9d1056-3a67e14551a2207a.js Show response amstamvovan.cfd/_next/static/chunks/	160 KB 50 KB	410ms 408ms	Script application/javascript	172.67.141.167 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://amstamvovan.cfd/_next/static/chunks/fd9d1056-3a67e14551a2207a.js Requested by Host: amstamvovan.cfd URL: https://amstamvovan.cfd/ Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.141.167 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `6053e2837bb3d5edc361852f09e9d4b510a92e785e159a4e02d699389e856d17` Request headers Referer https://amstamvovan.cfd/ Origin https://amstamvovan.cfd User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Wed, 24 Jul 2024 19:31:46 GMT content-encoding gzip cf-cache-status MISS last-modified Wed, 24 Jul 2024 08:51:30 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"28042-190e3f03d25" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=I4dECyzZySirGwRvXHjJit1MtAbUhMofbYZBKIDIgZz1hZsNIIW7U8UWfmnE1q7J3km22vJYj3nY%2F6Gr37da5jDVNg0FUXtoDZikvt5rFoza4251ktg6kNiIC8XhwgBPBdc%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=UTF-8 cache-control public, max-age=31536000, immutable cf-ray 8a8655167be30493-FRA alt-svc h3=":443"; ma=86400
GET H3	200	472-fe17376d219a679f.js Show response amstamvovan.cfd/_next/static/chunks/	108 KB 27 KB	593ms 591ms	Script application/javascript	172.67.141.167 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://amstamvovan.cfd/_next/static/chunks/472-fe17376d219a679f.js Requested by Host: amstamvovan.cfd URL: https://amstamvovan.cfd/ Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.141.167 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `08508245f47146a774ceed5e2276e9934c40383cc819aef22803cef49fbd0077` Request headers Referer https://amstamvovan.cfd/ Origin https://amstamvovan.cfd User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Wed, 24 Jul 2024 19:31:46 GMT content-encoding gzip cf-cache-status MISS last-modified Wed, 24 Jul 2024 08:51:30 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"1afeb-190e3f03d29" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zxkmJiUXhFpAXGVRsEak%2F2kwCwkK%2BtHhjmmmHPjqbTKOzZ%2Fuf3vU%2F3PIqcr23x7FOdADdYNRi2OFWC77dj9E6c1SDxRYin%2FMRl861gr6g3x%2B3vLR9kn5oTT0jKNm1Bpgdio%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=UTF-8 cache-control public, max-age=31536000, immutable cf-ray 8a8655167be70493-FRA alt-svc h3=":443"; ma=86400
GET H3	200	main-app-9614633e07fe36c0.js Show response amstamvovan.cfd/_next/static/chunks/	508 B 696 B	385ms 383ms	Script application/javascript	172.67.141.167 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://amstamvovan.cfd/_next/static/chunks/main-app-9614633e07fe36c0.js Requested by Host: amstamvovan.cfd URL: https://amstamvovan.cfd/ Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.141.167 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `ecfd7e91e1fe5ffad99c51cc92c839644046096b0bd208628442658a84069c71` Request headers Referer https://amstamvovan.cfd/ Origin https://amstamvovan.cfd User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Wed, 24 Jul 2024 19:31:46 GMT content-encoding br cf-cache-status MISS last-modified Wed, 24 Jul 2024 08:51:30 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"1fc-190e3f03d25" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mb4Q%2BibVZBermTg2thdNeLh7ew53npmPpwkgZkiXfeqKHg4xrWwVbMxCavOWAA6PLAn3xxYxe644hI6qnex5z96P8qkhXlJ3IvxxxWQV5hhqW89p15LH7ETVyuLwbEJyLeU%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=UTF-8 cache-control public, max-age=31536000, immutable cf-ray 8a8655167be90493-FRA alt-svc h3=":443"; ma=86400
GET H3	200	layout-550796722067184e.js Show response amstamvovan.cfd/_next/static/chunks/app/	2 KB 2 KB	374ms 373ms	Script application/javascript	172.67.141.167 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://amstamvovan.cfd/_next/static/chunks/app/layout-550796722067184e.js Requested by Host: amstamvovan.cfd URL: https://amstamvovan.cfd/ Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.141.167 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `76c43fcb7013fa20efb06a60eb4c8e78c2c345157444de9966b15af374a4f7e1` Request headers Referer https://amstamvovan.cfd/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Wed, 24 Jul 2024 19:31:46 GMT content-encoding gzip cf-cache-status MISS last-modified Wed, 24 Jul 2024 08:51:30 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"89a-190e3f03d25" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=51Iwq3ZFtGkr5mMrqXRmM371UA9Ppl1pEHXpx2eACtFq48HNBXFQ2Mj54Gtoofq7E4xRRahPP8NfXf5zwPSWcYG77XSef%2BLIdRWvuwCI5Zb3SMEKaggRg8spFlvW%2Fi6E2nI%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=UTF-8 cache-control public, max-age=31536000, immutable cf-ray 8a8655167beb0493-FRA alt-svc h3=":443"; ma=86400
GET H3	200	28-d011caca10f048c8.js Show response amstamvovan.cfd/_next/static/chunks/	131 KB 44 KB	699ms 697ms	Script application/javascript	172.67.141.167 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://amstamvovan.cfd/_next/static/chunks/28-d011caca10f048c8.js Requested by Host: amstamvovan.cfd URL: https://amstamvovan.cfd/ Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.141.167 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `468033051a55069da80610a31b2baac2088234f8d487d1c005ba17d179cd2a84` Request headers Referer https://amstamvovan.cfd/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Wed, 24 Jul 2024 19:31:46 GMT content-encoding gzip cf-cache-status MISS last-modified Wed, 24 Jul 2024 08:51:30 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"20da8-190e3f03d29" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JJR2Sa2F2nOTSeIwEXcAnoxQS3Ulb8aP346Or8BK%2B2BwwX3ooXL4NkC%2BCmSo3utS0iJ4ZMSnr536V9dVQJhJZK17z7htO6VsHmTBbeAFIBEVLIbbMQ4rTKG1B1%2BhNOKCZu8%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=UTF-8 cache-control public, max-age=31536000, immutable cf-ray 8a8655167bef0493-FRA alt-svc h3=":443"; ma=86400
GET H3	200	365-74c6667181c16b61.js Show response amstamvovan.cfd/_next/static/chunks/	27 KB 9 KB	374ms 372ms	Script application/javascript	172.67.141.167 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://amstamvovan.cfd/_next/static/chunks/365-74c6667181c16b61.js Requested by Host: amstamvovan.cfd URL: https://amstamvovan.cfd/ Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.141.167 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `4d0ed6031c73277194a5dacd47b657bfd02f5f8b1756fe08d434200f41f1157c` Request headers Referer https://amstamvovan.cfd/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Wed, 24 Jul 2024 19:31:46 GMT content-encoding gzip cf-cache-status MISS last-modified Wed, 24 Jul 2024 08:51:30 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"6dec-190e3f03d29" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mv0%2BrkRSBJXmuzp%2Bl8fnaGPC97mbFv5KhxCbSTPvMvNhT7hmsxFnxsypneUmRlfXuD6hiFi6%2FTJwmSHOaxHt9db5bjm%2FQ0fUxezKv6XnnUr7pFaLkSJBbSi%2FmQw4D%2Fs7g3A%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=UTF-8 cache-control public, max-age=31536000, immutable cf-ray 8a8655167bf10493-FRA alt-svc h3=":443"; ma=86400
GET H3	200	page-a541a0199d0bdbd8.js Show response amstamvovan.cfd/_next/static/chunks/app/	19 KB 6 KB	384ms 383ms	Script application/javascript	172.67.141.167 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://amstamvovan.cfd/_next/static/chunks/app/page-a541a0199d0bdbd8.js Requested by Host: amstamvovan.cfd URL: https://amstamvovan.cfd/ Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.141.167 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `62dfea1ce72cd1426f1f365b4ff9c145a00737408afcf1bd1898bab82d6ca78e` Request headers Referer https://amstamvovan.cfd/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Wed, 24 Jul 2024 19:31:46 GMT content-encoding gzip cf-cache-status MISS last-modified Wed, 24 Jul 2024 08:51:30 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"4aa0-190e3f03d25" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2sVtnfcILZ6rC2HG33vcuveewOoeD5T4aBSZgFDyFf4OtBdn2t4odOit0ETp4vtMSVFWiMVaZs43pWP7%2BeLXu1GUtpcbuIyLgcvw0IUlNW5YgdDNSXDG4uvVpr%2BJvQMOjgk%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=UTF-8 cache-control public, max-age=31536000, immutable cf-ray 8a8655167bf30493-FRA alt-svc h3=":443"; ma=86400
GET H3	200	146597050_455534749152435_1802453867954835002_n.svg scontent.fhan4-3.fna.fbcdn.net/v/t39.8562-6/	586 B 0	1427ms 1427ms	Image image/svg+xml	113.171.66.18 VNPT-AS-VN VNPT Corp
General Check archive.org Show headers Download Go to Show image Full URL https://scontent.fhan4-3.fna.fbcdn.net/v/t39.8562-6/146597050_455534749152435_1802453867954835002_n.svg?_nc_cat=1&ccb=1-7&_nc_sid=f537c7&_nc_eui2=AeHRCRS5zUPFuDsLq76K7a65HUhtHHEGnXgdSG0ccQadeJgf-k2NsN5wOl-j3oA0k18QC9Y5sn9UIAx-aw1SqnuF&_nc_ohc=VzAJBzCSf84Q7kNvgE_5s7g&_nc_ht=scontent.fhan4-3.fna&oh=00_AYAL_x8N6Z3tImx7cHh1Htzm3C5XQ3bgFEZENOr1rEu5hg&oe=66A64898 Requested by Host: amstamvovan.cfd URL: https://amstamvovan.cfd/ Protocol H3 Security QUIC, , AES_128_GCM Server 113.171.66.18 Viet Tri, Viet Nam, ASN45899 (VNPT-AS-VN VNPT Corp, VN), Reverse DNS static.vnpt.vn Software / Resource Hash `aaede50f2432c07c5908316e0597f1a7139bab9888f3fc847424ba55d0b76965` Request headers Referer https://amstamvovan.cfd/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers x-fb-connection-quality MODERATE; q=0.3, rtt=332, rtx=0, c=29, mss=1232, tbw=11787, tp=17, tpl=0, uplat=0, ullat=-1 date Wed, 24 Jul 2024 19:31:47 GMT last-modified Wed, 03 Feb 2021 17:20:24 GMT content-type image/svg+xml access-control-allow-origin * x-fb-ptm-uuid A545BC1DEFC1A15E26FDA720BE510582 content-digest adler32=240165821 cache-control max-age=1209600, no-transform cross-origin-resource-policy cross-origin x-needle-checksum 240165821 accept-ranges bytes timing-allow-origin * alt-svc h3=":443"; ma=86400 content-length 586 priority u=3,i
GET H3	200	favicon.ico amstamvovan.cfd/	6 KB 7 KB	141ms 141ms	Other image/x-icon	172.67.141.167 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://amstamvovan.cfd/favicon.ico Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.141.167 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `6edbde440daa9ebdc794eb4b505a061faa33ba936da054bc8671fa53e186a57b` Request headers Referer https://amstamvovan.cfd/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Wed, 24 Jul 2024 19:31:51 GMT content-encoding br cf-cache-status MISS last-modified Wed, 24 Jul 2024 19:31:51 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary RSC, Next-Router-State-Tree, Next-Router-Prefetch, Next-Url, Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uXSScSIFNbVtHAckXmOOypwYicIozkx3%2BRmYl0t7hWg%2FIBdyXettaHbt4pv4rYk4LQfg3kwr31uRSjtHufefCDmiSBJWKi%2FZYFKODZKN9inETp%2B78mKqBnm1ziepv%2B%2BiPuw%3D"}],"group":"cf-nel","max_age":604800} content-type image/x-icon x-nextjs-cache HIT cache-control public, max-age=14400, must-revalidate cf-ray 8a8655368cb70493-FRA alt-svc h3=":443"; ma=86400

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Facebook (Social Network)

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| webpackChunk_N_E object| __next_f object| next

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
rendering	warning	URL: https://amstamvovan.cfd/ Message: The key "!important" is not recognized and ignored.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

amstamvovan.cfd
firebasestorage.googleapis.com
scontent.fhan4-3.fna.fbcdn.net
113.171.66.18
172.67.141.167
2a00:1450:4001:800::200a
08508245f47146a774ceed5e2276e9934c40383cc819aef22803cef49fbd0077
3bcf04ca301e44f13f404c8a04aa4ae707f67a950e12ef30c238f96e784266a1
451344a2f47e3d2947dfcb22bd081028159b60b275db6f637feec96bc5528007
468033051a55069da80610a31b2baac2088234f8d487d1c005ba17d179cd2a84
4d0ed6031c73277194a5dacd47b657bfd02f5f8b1756fe08d434200f41f1157c
532c4249d1a1b40e36af1af0987bbd80acf17cf50a6e0743ec6b44a6cd16d80a
6053e2837bb3d5edc361852f09e9d4b510a92e785e159a4e02d699389e856d17
62dfea1ce72cd1426f1f365b4ff9c145a00737408afcf1bd1898bab82d6ca78e
6edbde440daa9ebdc794eb4b505a061faa33ba936da054bc8671fa53e186a57b
76c43fcb7013fa20efb06a60eb4c8e78c2c345157444de9966b15af374a4f7e1
845a30df6290baa441e6f804f32ed0007e9c4534a3204d9175914b329a63e33b
8dac27f7555251ec980511f3ee3e9c7817571d278ba0242afb54f974358bb4db
aaede50f2432c07c5908316e0597f1a7139bab9888f3fc847424ba55d0b76965
bbe379b62770f4ea7a1efd904a23199a2d3a413f872e7a7c970b58656369cf4e
ecfd7e91e1fe5ffad99c51cc92c839644046096b0bd208628442658a84069c71
f15572c5b064fc08cb3176beb14aeecefd52fdf207bbfe4fa784c07ed8e13d45
f85ae19942302afb33ddc15deb32e501c38ae71a83645fbdf96321b1443d4c55

amstamvovan.cfd Open in urlscan Pro 172.67.141.167 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

18 Requests

100 %HTTPS

33 %IPv6

3 Domains

3 Subdomains

3 IPs

3 Countries

273 kBTransfer

992 kBSize

0 Cookies

4 Outgoing links

Page URL History

Redirected requests

18 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

3 JavaScript Global Variables

0 Cookies

1 Console Messages

Indicators

amstamvovan.cfd Open in urlscan Pro
172.67.141.167 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

18
Requests

100 %
HTTPS

33 %
IPv6

3
Domains

3
Subdomains

3
IPs

3
Countries

273 kB
Transfer

992 kB
Size

0
Cookies

18 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!