fil.com.vn Open in urlscan Pro
103.9.157.197 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://fil.com.vn/
Effective URL:
https://fil.com.vn/
Submission: On July 15 via manual (July 15th 2023, 4:11:10 am UTC) from GB — Scanned from GB

Summary HTTP 56 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 14 IPs in 5 countries across 12 domains to perform 56 HTTP transactions. The main IP is 103.9.157.197, located in Viet Nam and belongs to VNSO-AS-VN VNSO TECHNOLOGY COMPANY, VN. The main domain is fil.com.vn.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on November 18th 2022. Valid for: a year.

This is the only time fil.com.vn was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Facebook (Social Network)

Domain & IP information

	IP Address	AS Autonomous System
1 36	103.9.157.197 103.9.157.197	63730 (VNSO-AS-V...) (VNSO-AS-VN VNSO TECHNOLOGY COMPANY)
1	2606:4700::68... 2606:4700::6812:bcf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700:e2:... 2606:4700:e2::ac40:850f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:829::200a	15169 (GOOGLE) (GOOGLE)
5	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2001:4de0:ac1... 2001:4de0:ac18::1:a:2b	20446 (STACKPATH...) (STACKPATH-CDN)
1	2606:4700::68... 2606:4700::6812:acf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:80b::2008	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f04... 2a03:2880:f045:10:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
3	2606:4700:10:... 2606:4700:10::6816:46c5	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
2	156.67.222.227 156.67.222.227	47583 (AS-HOSTINGER) (AS-HOSTINGER)
1	2a03:2880:f14... 2a03:2880:f145:82:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
56	14

36 103.9.157.197 (Viet Nam) 1 redirects

ASN63730 (VNSO-AS-VN VNSO TECHNOLOGY COMPANY, VN)
PTR: webmail.titocovn.net

fil.com.vn	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:bcf (United States)

ASN13335 (CLOUDFLARENET, US)

stackpath.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:e2::ac40:850f (United States)

ASN13335 (CLOUDFLARENET, US)

use.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac18::1:a:2b (Netherlands)

ASN20446 (STACKPATH-CDN, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:acf (United States)

ASN13335 (CLOUDFLARENET, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f045:10:face:b00c:0:3 (Amsterdam, Netherlands)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:10::6816:46c5 (United States)

ASN13335 (CLOUDFLARENET, US)

static.addtoany.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 156.67.222.227 (Singapore)

ASN47583 (AS-HOSTINGER, CY)

giuseart.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f145:82:face:b00c:0:25de (Amsterdam, Netherlands)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
36	fil.com.vn 1 redirects fil.com.vn	714 KB
5	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 274	22 KB
3	addtoany.com static.addtoany.com — Cisco Umbrella Rank: 4009	27 KB
2	giuseart.com giuseart.com	5 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 173	90 KB
2	fontawesome.com use.fontawesome.com — Cisco Umbrella Rank: 1196	85 KB
2	bootstrapcdn.com stackpath.bootstrapcdn.com — Cisco Umbrella Rank: 2767 maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 1032	38 KB
1	facebook.com www.facebook.com — Cisco Umbrella Rank: 100	185 B
1	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 1623	250 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 79	80 KB
1	jquery.com code.jquery.com — Cisco Umbrella Rank: 749	24 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 88	775 B
56	12

	Domain	Requested by
36	fil.com.vn	1 redirects fil.com.vn
5	cdnjs.cloudflare.com	fil.com.vn
3	static.addtoany.com	fil.com.vn static.addtoany.com
2	giuseart.com	fil.com.vn
2	connect.facebook.net	fil.com.vn connect.facebook.net
2	use.fontawesome.com	fil.com.vn use.fontawesome.com
1	www.facebook.com	fil.com.vn
1	region1.google-analytics.com	www.googletagmanager.com
1	www.googletagmanager.com	fil.com.vn
1	maxcdn.bootstrapcdn.com	fil.com.vn
1	code.jquery.com	fil.com.vn
1	fonts.googleapis.com	fil.com.vn
1	stackpath.bootstrapcdn.com	fil.com.vn
56	13

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
m.me
zalo.me

Subject Issuer	Validity	Valid
fil.com.vn Sectigo RSA Domain Validation Secure Server CA	`2022-11-18` - `2023-11-18`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-12-30` - `2023-12-30`	a year	crt.sh
use.fontawesome.com GTS CA 1P5	`2023-07-04` - `2023-10-02`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2023-07-11` - `2024-07-14`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-04-23` - `2023-07-22`	3 months	crt.sh
giuseart.com R3	`2023-06-12` - `2023-09-10`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://fil.com.vn/
Frame ID: 3ABD967A9C5BEE449CD6029EDB9A2CB9
Requests: 65 HTTP requests in this frame

Frame: https://static.addtoany.com/menu/sm.24.html
Frame ID: 99ACF75676E66E5BD97862E23AEB19C8
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Trang chủ - Công ty TNHH FIL Việt Nam

Page URL History Show full URLs

http://fil.com.vn/ HTTP 301
https://fil.com.vn/ Page URL