Submitted URL: https://cs2.chuyenmobile.net/
Effective URL: https://cs2.chuyenmobile.net/dangnhap.php
Submission Tags: phishingrod
Submission: On October 21 via api from DE — Scanned from DE

Summary

This website contacted 3 IPs in 2 countries across 3 domains to perform 11 HTTP transactions. The main IP is 103.200.22.100, located in Viet Nam and belongs to VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP, VN. The main domain is cs2.chuyenmobile.net.
TLS certificate: Issued by R3 on October 21st 2023. Valid for: 3 months.
This is the only time cs2.chuyenmobile.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 8 103.200.22.100 135905 (VNPT-AS-V...)
1 142.250.184.234 15169 (GOOGLE)
3 142.250.185.227 15169 (GOOGLE)
11 3
Apex Domain
Subdomains
Transfer
8 chuyenmobile.net
cs2.chuyenmobile.net
133 KB
3 gstatic.com
fonts.gstatic.com
33 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 49
1 KB
11 3
Domain Requested by
8 cs2.chuyenmobile.net 1 redirects cs2.chuyenmobile.net
3 fonts.gstatic.com fonts.googleapis.com
1 fonts.googleapis.com cs2.chuyenmobile.net
11 3

This site contains links to these domains. Also see Links.

Domain
chuyenmobile.net
zalo.me
Subject Issuer Validity Valid
cs2.chuyenmobile.net
R3
2023-10-21 -
2024-01-19
3 months crt.sh
upload.video.google.com
GTS CA 1C3
2023-09-28 -
2023-12-21
3 months crt.sh
*.gstatic.com
GTS CA 1C3
2023-09-28 -
2023-12-21
3 months crt.sh

This page contains 1 frames:

Primary Page: https://cs2.chuyenmobile.net/dangnhap.php
Frame ID: A691BDCA6770586DF61F2E61D8D385DD
Requests: 11 HTTP requests in this frame

Screenshot

Page Title

Chiều Active

Page URL History Show full URLs

  1. https://cs2.chuyenmobile.net/ HTTP 302
    https://cs2.chuyenmobile.net/dangnhap.php Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • \.php(?:$|\?)

Overall confidence: 100%
Detected patterns
  • dataTables.*\.js

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • jquery-ui.*\.js

Page Statistics

11
Requests

100 %
HTTPS

0 %
IPv6

3
Domains

3
Subdomains

3
IPs

2
Countries

167 kB
Transfer

510 kB
Size

1
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://cs2.chuyenmobile.net/ HTTP 302
    https://cs2.chuyenmobile.net/dangnhap.php Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

11 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request dangnhap.php
cs2.chuyenmobile.net/
Redirect Chain
  • https://cs2.chuyenmobile.net/
  • https://cs2.chuyenmobile.net/dangnhap.php
4 KB
2 KB
Document
General
Full URL
https://cs2.chuyenmobile.net/dangnhap.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
103.200.22.100 , Viet Nam, ASN135905 (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP, VN),
Reverse DNS
web01.vietnix.vn
Software
LiteSpeed / PHP/7.4.33
Resource Hash
4196076360f9467facde515a608d4b1b5247ba682cf1b61fb61c09fb6fd957a4

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, must-revalidate
content-encoding
br
content-length
1497
content-type
text/html; charset=UTF-8
date
Sat, 21 Oct 2023 18:43:16 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
pragma
no-cache
server
LiteSpeed
vary
Accept-Encoding
x-powered-by
PHP/7.4.33

Redirect headers

alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
cache-control
no-cache, no-store, must-revalidate, max-age=0
content-length
0
content-type
text/html; charset=UTF-8
date
Sat, 21 Oct 2023 18:43:14 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
location
dangnhap.php
pragma
no-cache
server
LiteSpeed
x-powered-by
PHP/7.4.33
style.css
cs2.chuyenmobile.net/style/
5 KB
1 KB
Stylesheet
General
Full URL
https://cs2.chuyenmobile.net/style/style.css
Requested by
Host: cs2.chuyenmobile.net
URL: https://cs2.chuyenmobile.net/dangnhap.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
103.200.22.100 , Viet Nam, ASN135905 (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP, VN),
Reverse DNS
web01.vietnix.vn
Software
LiteSpeed /
Resource Hash
f1406447da1c512ed47ad457b2542ad87b4fd08ea51ace195754b6f61c423e6e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cs2.chuyenmobile.net/dangnhap.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 21 Oct 2023 18:43:16 GMT
content-encoding
br
last-modified
Fri, 15 Apr 2022 01:38:56 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
1239
expires
Sat, 28 Oct 2023 18:43:16 GMT
jquery-ui.css
cs2.chuyenmobile.net/style/
35 KB
8 KB
Stylesheet
General
Full URL
https://cs2.chuyenmobile.net/style/jquery-ui.css
Requested by
Host: cs2.chuyenmobile.net
URL: https://cs2.chuyenmobile.net/dangnhap.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
103.200.22.100 , Viet Nam, ASN135905 (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP, VN),
Reverse DNS
web01.vietnix.vn
Software
LiteSpeed /
Resource Hash
aa3ec28a89f62e153ba2098e351d0245cdabcb355ee2c45cf00e6dc49fe602cd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cs2.chuyenmobile.net/dangnhap.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 21 Oct 2023 18:43:16 GMT
content-encoding
br
last-modified
Tue, 12 Apr 2022 19:02:52 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
7839
expires
Sat, 28 Oct 2023 18:43:16 GMT
jquery.dataTables.min.css
cs2.chuyenmobile.net/style/
14 KB
2 KB
Stylesheet
General
Full URL
https://cs2.chuyenmobile.net/style/jquery.dataTables.min.css
Requested by
Host: cs2.chuyenmobile.net
URL: https://cs2.chuyenmobile.net/dangnhap.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
103.200.22.100 , Viet Nam, ASN135905 (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP, VN),
Reverse DNS
web01.vietnix.vn
Software
LiteSpeed /
Resource Hash
032de0ec7a94b330a8af0408113bb231072dad1bc3f1466d4057c172ccb715b3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cs2.chuyenmobile.net/dangnhap.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 21 Oct 2023 18:43:16 GMT
content-encoding
br
last-modified
Fri, 19 May 2017 21:47:12 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
1855
expires
Sat, 28 Oct 2023 18:43:16 GMT
jquery.js
cs2.chuyenmobile.net/style/
85 KB
29 KB
Script
General
Full URL
https://cs2.chuyenmobile.net/style/jquery.js
Requested by
Host: cs2.chuyenmobile.net
URL: https://cs2.chuyenmobile.net/dangnhap.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
103.200.22.100 , Viet Nam, ASN135905 (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP, VN),
Reverse DNS
web01.vietnix.vn
Software
LiteSpeed /
Resource Hash
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cs2.chuyenmobile.net/dangnhap.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 21 Oct 2023 18:43:16 GMT
content-encoding
br
last-modified
Wed, 06 Apr 2022 23:03:28 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
29485
expires
Sat, 28 Oct 2023 18:43:16 GMT
jquery-ui.js
cs2.chuyenmobile.net/style/
248 KB
65 KB
Script
General
Full URL
https://cs2.chuyenmobile.net/style/jquery-ui.js
Requested by
Host: cs2.chuyenmobile.net
URL: https://cs2.chuyenmobile.net/dangnhap.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
103.200.22.100 , Viet Nam, ASN135905 (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP, VN),
Reverse DNS
web01.vietnix.vn
Software
LiteSpeed /
Resource Hash
62e025f236d1d3b5968630d56f540cfe15d65472b8189ee93c907ae55a7de480

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cs2.chuyenmobile.net/dangnhap.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 21 Oct 2023 18:43:16 GMT
content-encoding
br
last-modified
Wed, 06 Apr 2022 23:03:28 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
66089
expires
Sat, 28 Oct 2023 18:43:16 GMT
jquery.dataTables.min.js
cs2.chuyenmobile.net/style/
81 KB
27 KB
Script
General
Full URL
https://cs2.chuyenmobile.net/style/jquery.dataTables.min.js
Requested by
Host: cs2.chuyenmobile.net
URL: https://cs2.chuyenmobile.net/dangnhap.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
103.200.22.100 , Viet Nam, ASN135905 (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP, VN),
Reverse DNS
web01.vietnix.vn
Software
LiteSpeed /
Resource Hash
b10583159ba91453b8a1ff60240d9cf592b9ca6f394a581faf558d6ea413778c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cs2.chuyenmobile.net/dangnhap.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 21 Oct 2023 18:43:17 GMT
content-encoding
br
last-modified
Thu, 07 Apr 2022 09:57:18 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
27482
expires
Sat, 28 Oct 2023 18:43:17 GMT
css
fonts.googleapis.com/
5 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Baloo+Bhaina|Pacifico|Roboto
Requested by
Host: cs2.chuyenmobile.net
URL: https://cs2.chuyenmobile.net/style/style.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.234 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f10.1e100.net
Software
ESF /
Resource Hash
35c2ea82ae700e410679e6593b31c01bcb45008269a56a09eba9d1d4119956a3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cs2.chuyenmobile.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sat, 21 Oct 2023 18:43:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sat, 21 Oct 2023 18:43:18 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 21 Oct 2023 18:43:18 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/
15 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Baloo+Bhaina|Pacifico|Roboto
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.227 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f3.1e100.net
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://cs2.chuyenmobile.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Fri, 20 Oct 2023 04:06:52 GMT
x-content-type-options
nosniff
age
138989
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 19 Oct 2024 04:06:52 GMT
KFOmCnqEu92Fr1Mu7WxKOzY.woff2
fonts.gstatic.com/s/roboto/v30/
5 KB
6 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu7WxKOzY.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Baloo+Bhaina|Pacifico|Roboto
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.227 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f3.1e100.net
Software
sffe /
Resource Hash
77b24796a3d4ab521f66765651875338ed50cb9306cfe4603a3e79618e429cec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://cs2.chuyenmobile.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Fri, 20 Oct 2023 03:50:37 GMT
x-content-type-options
nosniff
age
139964
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5560
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:41 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 19 Oct 2024 03:50:37 GMT
KFOmCnqEu92Fr1Mu7GxKOzY.woff2
fonts.gstatic.com/s/roboto/v30/
12 KB
12 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu7GxKOzY.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Baloo+Bhaina|Pacifico|Roboto
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.227 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f3.1e100.net
Software
sffe /
Resource Hash
3c23eb02de6b34e30f18cfb7167abd81a2cedfd1da60dfcb71989517ab3fb431
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://cs2.chuyenmobile.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 11:44:36 GMT
x-content-type-options
nosniff
age
370725
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11872
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:25:01 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 16 Oct 2024 11:44:36 GMT

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| $ function| jQuery

1 Cookies

Domain/Path Name / Value
cs2.chuyenmobile.net/ Name: PHPSESSID
Value: dfc5390ad7a05d4830d46e83f74fbb81