songlongtien.com Open in urlscan Pro
103.27.238.117 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://songlongtien.com/bo-via-be-tong-duc-san-binh-duong-2
Effective URL:
https://songlongtien.com/bo-via-be-tong-duc-san-binh-duong-2
Submission: On August 19 via api (August 19th 2024, 1:56:24 am UTC) from US — Scanned from DE

Summary HTTP 8 Redirects Behaviour Indicators

Summary

This website contacted 5 IPs in 2 countries across 5 domains to perform 8 HTTP transactions. The main IP is 103.27.238.117, located in Viet Nam and belongs to LVSS-AS-VN Long Van System Solution JSC, VN. The main domain is songlongtien.com.
TLS certificate: Issued by E5 on July 8th 2024. Valid for: 3 months.

This is the only time songlongtien.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2	103.27.238.117 103.27.238.117	131386 (LVSS-AS-V...) (LVSS-AS-VN Long Van System Solution JSC)
3	2a06:98c1:312... 2a06:98c1:3120::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:303... 2606:4700:3035::ac43:90db	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:303... 2606:4700:3033::6815:4f06	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:303... 2606:4700:3030::ac43:a4be	13335 (CLOUDFLAR...) (CLOUDFLARENET)
8	5

2 103.27.238.117 (Viet Nam)

ASN131386 (LVSS-AS-VN Long Van System Solution JSC, VN)

songlongtien.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)

flow.recordsbluemountain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3035::ac43:90db (United States)

ASN13335 (CLOUDFLARENET, US)

records.perfectlinestarter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3033::6815:4f06 (United States)

ASN13335 (CLOUDFLARENET, US)

state.flytonearstation.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3030::ac43:a4be (United States)

ASN13335 (CLOUDFLARENET, US)

wave.rdntocdns.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
3	recordsbluemountain.com flow.recordsbluemountain.com	15 KB
2	songlongtien.com songlongtien.com	13 KB
1	rdntocdns.com wave.rdntocdns.com	15 KB
1	flytonearstation.com state.flytonearstation.com	7 KB
1	perfectlinestarter.com records.perfectlinestarter.com	7 KB
8	5

	Domain	Requested by
3	flow.recordsbluemountain.com	songlongtien.com wave.rdntocdns.com flow.recordsbluemountain.com
2	songlongtien.com
1	wave.rdntocdns.com	songlongtien.com
1	state.flytonearstation.com	songlongtien.com
1	records.perfectlinestarter.com	songlongtien.com
8	5

This site contains no links.

Subject Issuer	Validity	Valid
songlongtien.com E5	`2024-07-08` - `2024-10-06`	3 months	crt.sh
recordsbluemountain.com WE1	`2024-07-17` - `2024-10-15`	3 months	crt.sh
perfectlinestarter.com WE1	`2024-07-14` - `2024-10-12`	3 months	crt.sh
flytonearstation.com WE1	`2024-08-03` - `2024-11-01`	3 months	crt.sh
rdntocdns.com WE1	`2024-07-31` - `2024-10-29`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://songlongtien.com/bo-via-be-tong-duc-san-binh-duong-2
Frame ID: 6C2A030A6E969E18389E1C7B78FE2FED
Requests: 8 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://songlongtien.com/bo-via-be-tong-duc-san-binh-duong-2 HTTP 307
https://songlongtien.com/bo-via-be-tong-duc-san-binh-duong-2 Page URL

Page Statistics

8
Requests

100 %
HTTPS

80 %
IPv6

5
Domains

5
Subdomains

5
IPs

2
Countries

57 kB
Transfer

138 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://songlongtien.com/bo-via-be-tong-duc-san-binh-duong-2 HTTP 307
https://songlongtien.com/bo-via-be-tong-duc-san-binh-duong-2 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

8 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request bo-via-be-tong-duc-san-binh-duong-2 Show response songlongtien.com/ Redirect Chain http://songlongtien.com/bo-via-be-tong-duc-san-binh-duong-2 https://songlongtien.com/bo-via-be-tong-duc-san-binh-duong-2	15 KB 6 KB	2048ms 1333ms	Document text/html	103.27.238.117 LVSS-AS-VN Long V...
General Check archive.org Show headers Download Go to Full URL https://songlongtien.com/bo-via-be-tong-duc-san-binh-duong-2 Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 103.27.238.117 , Viet Nam, ASN131386 (LVSS-AS-VN Long Van System Solution JSC, VN), Reverse DNS Software Apache/2 / Resource Hash `890e8372774f1b2b082757c6997e97b8a12fb86a5ba148ae501e95e8ae2271ad` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers cache-control max-age=0 content-encoding gzip content-length 6427 content-type text/html; charset=UTF-8 date Mon, 19 Aug 2024 01:56:19 GMT expires Mon, 19 Aug 2024 01:56:19 GMT server Apache/2 vary Accept-Encoding,User-Agent Redirect headers Location https://songlongtien.com/bo-via-be-tong-duc-san-binh-duong-2 Non-Authoritative-Reason HttpsUpgrades
GET H3	200	WFnwB6 Show response flow.recordsbluemountain.com/	13 KB 6 KB	266ms 244ms	Script application/javascript	2a06:98c1:3120::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://flow.recordsbluemountain.com/WFnwB6?&se_referrer=&default_keyword=&&_cid=c31797c3-1a2f-5188-d1c0-97e3c0fa52f6&frm=script Requested by Host: songlongtien.com URL: https://songlongtien.com/bo-via-be-tong-duc-san-binh-duong-2 Protocol H3 Security QUIC, , AES_128_GCM Server 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PHP/7.4.33 Resource Hash `6077b00a4c95b325837114b854780e8a9b1c86ded2252d8c304b86f5c04a0b6d` Request headers Referer https://songlongtien.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Mon, 19 Aug 2024 01:56:21 GMT content-encoding gzip cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare x-powered-by PHP/7.4.33 vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Ac4LO%2FG0QdEQY5wHxmBQ00gBRD%2FZ0cMaJdKZFX48ZB%2Bn5G9m0fg1oqOKLeKC%2BVR%2B0hTiW3ktWbC4ee0dCJx5y%2FkIHq0peUmjnRY8NnK4%2Ffi1UeBfVBxC0UkM5MHS7qNSyW6DT1vUrIzl8m6A7yDrMN6Q011c7NmFWyv%2F"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control no-cache, no-store, must-revalidate cf-ray 8b5686ce0a66371b-FRA alt-svc h3=":443"; ma=86400 expires Mon, 19 Aug 2024 01:56:20 GMT
GET H3	200	run.js Show response records.perfectlinestarter.com/scripts/	16 KB 7 KB	41ms 19ms	Script application/javascript	2606:4700:3035::ac43:90db CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://records.perfectlinestarter.com/scripts/run.js Requested by Host: songlongtien.com URL: https://songlongtien.com/bo-via-be-tong-duc-san-binh-duong-2 Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3035::ac43:90db , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `aa986bc52b8410a764fe32b4ce6c2ce81f69c55219780fa39c03c5ede3817935` Request headers Referer https://songlongtien.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Mon, 19 Aug 2024 01:56:20 GMT content-encoding gzip cf-cache-status HIT last-modified Fri, 02 Aug 2024 14:37:58 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 1422995 etag W/"66acef46-410c" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2A070KMBlbzxqe5Mq4aHW6VT9%2BzesPTVfnoHw2L4Xknr3YC8Y6D5fDLP3WuWpqC012pEjP87%2FMvyLdxDEBAc9H9i%2F4Z3A%2FZQd9OxS4FeT4rxdwBJv29rrdxEggPBLrzyTEADbtFFZTIXBp9Kep2kZ8DggPkZ5P9AR%2FOi5o0%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 cache-control max-age=315360000 cf-ray 8b5686ce0e989b52-FRA alt-svc h3=":443"; ma=86400 expires Thu, 31 Dec 2037 23:55:55 GMT
POST H3	200	track.php Show response state.flytonearstation.com/	19 KB 7 KB	76ms 48ms	XHR application/javascript	2606:4700:3033::6815:4f06 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://state.flytonearstation.com/track.php Requested by Host: songlongtien.com URL: https://songlongtien.com/bo-via-be-tong-duc-san-binh-duong-2 Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3033::6815:4f06 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `99a664a232cf38d1475763c9d504349b21bb01205168d80359bf72a8bab30728` Request headers Referer https://songlongtien.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers date Mon, 19 Aug 2024 01:56:20 GMT content-encoding gzip cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding access-control-allow-methods GET, POST content-type application/javascript; charset=utf-8 access-control-allow-origin * report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=y9tD5GWHJGW%2BtFhtU7xWy8hBscOXSFSSs7CW%2BcFfA0GQxaXE0gWSv7tAUfQCtytpQgbQSJof3eNwhU6gaJx%2F1OwhHbZUL9VcgA4Cp9FtTx5TiPJP%2BS%2FIvj4a8hpThkUxe9SN67cL4b03%2BmL%2FjuWCwqv6RsTa3eAn2Q%3D%3D"}],"group":"cf-nel","max_age":604800} cf-ray 8b5686ce1c6b18cd-FRA access-control-allow-headers X-Requested-With content-length 6991 alt-svc h3=":443"; ma=86400
GET H3	200	inputs.js Show response wave.rdntocdns.com/rps/	37 KB 15 KB	47ms 19ms	Script application/javascript	2606:4700:3030::ac43:a4be CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://wave.rdntocdns.com/rps/inputs.js Requested by Host: songlongtien.com URL: https://songlongtien.com/bo-via-be-tong-duc-san-binh-duong-2 Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3030::ac43:a4be , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `2074758a7dd10c06f9ae635adad8fd4882ef09c52e8cb2ff54f41c5b24877b8b` Request headers Referer https://songlongtien.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Mon, 19 Aug 2024 01:56:20 GMT content-encoding gzip cf-cache-status HIT last-modified Fri, 02 Aug 2024 14:19:30 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 1423151 etag W/"66aceaf2-931f" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=P7S3P07LkCDbmaDDv2MxCB34YgDX74%2Foy7%2BV%2FGknxvn2oNnPhZ%2F26tCKWXQjDzMGPeJQl375R4w58pSNrOFO%2Bvl%2Btbt%2BTjOuCLr3A9J9NBsVz1OKo%2F9VT5zQLgs9%2FKxoz6%2Bv2B8hiZxq%2F3Wtu%2FfMvEY%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 cache-control max-age=315360000 cf-ray 8b5686ceaac72bc0-FRA alt-svc h3=":443"; ma=86400 expires Thu, 31 Dec 2037 23:55:55 GMT
GET H3	200	8YkzBStf Show response flow.recordsbluemountain.com/	0 795 B	228ms 227ms	Script application/javascript	2a06:98c1:3120::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://flow.recordsbluemountain.com/8YkzBStf?q=songlongtien.com Requested by Host: wave.rdntocdns.com URL: https://wave.rdntocdns.com/rps/inputs.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PHP/7.4.33 Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers Referer https://songlongtien.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Mon, 19 Aug 2024 01:56:21 GMT cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare x-powered-by PHP/7.4.33 vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8%2BTWma04D8SO%2F1QJoKN%2BoySQweXKiPizmnt7Hk6uFrm%2FPYUi8tDU%2FzYbfguXxXYWJKUuy8c32kxiqzeB3ZSTZmrN%2FoknZOWutR2xnG6HqFrlj3maDNcnHQj77mr8HOx%2B3%2FgYvz5JvKbqCMjYJfBu%2FwKyCVt590p1bxqA"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control no-cache, no-store, must-revalidate cf-ray 8b5686cefae3371b-FRA alt-svc h3=":443"; ma=86400 content-length 0 expires Mon, 19 Aug 2024 01:56:21 GMT
GET H3	200	9372JL Show response flow.recordsbluemountain.com/	23 KB 8 KB	224ms 223ms	Script application/javascript	2a06:98c1:3120::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://flow.recordsbluemountain.com/9372JL Requested by Host: flow.recordsbluemountain.com URL: https://flow.recordsbluemountain.com/WFnwB6?&se_referrer=&default_keyword=&&_cid=c31797c3-1a2f-5188-d1c0-97e3c0fa52f6&frm=script Protocol H3 Security QUIC, , AES_128_GCM Server 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PHP/7.4.33 Resource Hash `434bdafd47240430615c8633b644700f13899b5c089e38887aa338b9d36662d3` Request headers Referer https://songlongtien.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Mon, 19 Aug 2024 01:56:21 GMT content-encoding gzip cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare x-powered-by PHP/7.4.33 vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XxUNMi8ss%2BxZt0jC%2BBbnHT%2FUS1TntaaNSLKzovHNkEpPqbfij5kbilqMAx2ItSl4IP%2FZhdVt2MJ1M0QY7rGC%2FimevqcyuDqJ7nQlpvk0dUYaszPAaejQz3cjEhUerA1bgPf6kXJ1SaRg%2Bl3YBOFGy7qvRCy9M2lP8I7F"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control no-cache, no-store, must-revalidate cf-ray 8b5686cfab57371b-FRA alt-svc h3=":443"; ma=86400 expires Mon, 19 Aug 2024 01:56:21 GMT
GET H2	200	favicon.ico songlongtien.com/	15 KB 6 KB	1282ms 1282ms	Other text/html	103.27.238.117 LVSS-AS-VN Long V...
General Check archive.org Show headers Download Go to Full URL https://songlongtien.com/favicon.ico Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 103.27.238.117 , Viet Nam, ASN131386 (LVSS-AS-VN Long Van System Solution JSC, VN), Reverse DNS Software Apache/2 / Resource Hash `890e8372774f1b2b082757c6997e97b8a12fb86a5ba148ae501e95e8ae2271ad` Request headers Referer https://songlongtien.com/bo-via-be-tong-duc-san-binh-duong-2 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Mon, 19 Aug 2024 01:56:21 GMT content-encoding gzip server Apache/2 vary Accept-Encoding,User-Agent content-type text/html; charset=UTF-8 cache-control max-age=0 content-length 6427 expires Mon, 19 Aug 2024 01:56:21 GMT

Verdicts & Comments Add Verdict or Comment

67 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

flow.recordsbluemountain.com
records.perfectlinestarter.com
songlongtien.com
state.flytonearstation.com
wave.rdntocdns.com
103.27.238.117
2606:4700:3030::ac43:a4be
2606:4700:3033::6815:4f06
2606:4700:3035::ac43:90db
2a06:98c1:3120::3
2074758a7dd10c06f9ae635adad8fd4882ef09c52e8cb2ff54f41c5b24877b8b
434bdafd47240430615c8633b644700f13899b5c089e38887aa338b9d36662d3
6077b00a4c95b325837114b854780e8a9b1c86ded2252d8c304b86f5c04a0b6d
890e8372774f1b2b082757c6997e97b8a12fb86a5ba148ae501e95e8ae2271ad
99a664a232cf38d1475763c9d504349b21bb01205168d80359bf72a8bab30728
aa986bc52b8410a764fe32b4ce6c2ce81f69c55219780fa39c03c5ede3817935
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

songlongtien.com Open in urlscan Pro 103.27.238.117 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Page Statistics

8 Requests

100 %HTTPS

80 %IPv6

5 Domains

5 Subdomains

5 IPs

2 Countries

57 kBTransfer

138 kBSize

0 Cookies

0 Outgoing links

Page URL History

Redirected requests

8 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

67 JavaScript Global Variables

0 Cookies

Indicators

songlongtien.com Open in urlscan Pro
103.27.238.117 Public Scan

Screenshot
Live screenshot

Full Image

8
Requests

100 %
HTTPS

80 %
IPv6

5
Domains

5
Subdomains

5
IPs

2
Countries

57 kB
Transfer

138 kB
Size

0
Cookies

8 HTTP transactions
0 data transactions