sportday66.mwk.ac.th Open in urlscan Pro
2a06:98c1:3121::9 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://sportday66.mwk.ac.th/assets/images/irsus/home.html?resource_ur/
Submission: On April 07 via api (April 7th 2024, 2:09:13 am UTC) from BY — Scanned from NL

Summary HTTP 15 Redirects Behaviour Indicators

Summary

This website contacted 2 IPs in 2 countries across 1 domains to perform 15 HTTP transactions. The main IP is 2a06:98c1:3121::9, located in United States and belongs to CLOUDFLARENET, US. The main domain is sportday66.mwk.ac.th.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on July 12th 2023. Valid for: a year.

This is the only time sportday66.mwk.ac.th was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: IRS (Government)

Domain & IP information

	IP Address	AS Autonomous System
11	2a06:98c1:312... 2a06:98c1:3121::9	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	188.114.96.3 188.114.96.3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
15	2

11 2a06:98c1:3121::9 (United States)

ASN13335 (CLOUDFLARENET, US)

sportday66.mwk.ac.th	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 188.114.96.3 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)

sportday66.mwk.ac.th	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
15	mwk.ac.th sportday66.mwk.ac.th	55 KB
15	1

	Domain	Requested by
15	sportday66.mwk.ac.th	sportday66.mwk.ac.th
15	1

This site contains no links.

Subject Issuer	Validity	Valid
mwk.ac.th Cloudflare Inc ECC CA-3	`2023-07-12` - `2024-07-11`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://sportday66.mwk.ac.th/assets/images/irsus/home.html?resource_ur/
Frame ID: B865C2CBACE0F12E3784AFCEE9E5529F
Requests: 14 HTTP requests in this frame

Frame: https://sportday66.mwk.ac.th/assets/images/irsus/home_files/saved_resource.htm
Frame ID: 51AA40F25777BDC914E7E0792505F8DF
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css

Page Statistics

15
Requests

100 %
HTTPS

50 %
IPv6

1
Domains

1
Subdomains

2
IPs

2
Countries

55 kB
Transfer

247 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

15 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request home.html Show response sportday66.mwk.ac.th/assets/images/irsus/	12 KB 4 KB	296ms 229ms	Document text/html	2a06:98c1:3121::9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://sportday66.mwk.ac.th/assets/images/irsus/home.html?resource_ur/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a06:98c1:3121::9 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `ad2f435f42c01c935af717382851192b5d51ff23b18ca31ee19bf605a01f3446` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 accept-language nl-NL,nl;q=0.9 sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" sec-ch-ua-mobile ?0 sec-ch-ua-platform "Win32" Response headers alt-svc h3=":443"; ma=86400 cf-cache-status DYNAMIC cf-ray 8706794efdfb0b63-AMS content-encoding br content-type text/html date Sun, 07 Apr 2024 02:09:09 GMT last-modified Tue, 25 Apr 2023 01:40:36 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WFpRwDJILR9LdX1if1Y8SpmFHaL1Q5KBVsDXrU%2B9g%2FRaNYjY0CKu3s3ENo9WOkml7JFyL9HXt39AHLP5bzbHCZqdZLFo7ntDPfisHz979NeTc%2B0sMWbEb11VuIzIzMILN3BYZcH2KtFxrPeACq8nfDGSlg%3D%3D"}],"group":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding,User-Agent
GET H2	200	bootstrap.css sportday66.mwk.ac.th/assets/images/irsus/home_files/	152 KB 24 KB	287ms 286ms	Stylesheet text/css	2a06:98c1:3121::9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://sportday66.mwk.ac.th/assets/images/irsus/home_files/bootstrap.css Requested by Host: sportday66.mwk.ac.th URL: https://sportday66.mwk.ac.th/assets/images/irsus/home.html?resource_ur/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a06:98c1:3121::9 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `60b19e5da6a9234ff9220668a5ec1125c157a268513256188ee80f2d2c8d8d36` Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://sportday66.mwk.ac.th/assets/images/irsus/home.html?resource_ur/ accept-language nl-NL,nl;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 07 Apr 2024 02:09:09 GMT content-encoding br cf-cache-status EXPIRED last-modified Wed, 08 Jun 2022 07:09:34 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"2606e-5e0ea6326a780-gzip" vary Accept-Encoding,User-Agent report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BQCpUgFeRPaFRZDx3JFuNLpQJXu266hyZ5YtPKB8U%2Bne0y5Mtyj2Kxx5gmkFF93eZsCN%2BUcv40FnAzIJbsvepjdQSmdkGuaI1cq4hpZYu9XSZo0XBTPr6sks3l920RWzeDuzXI3g6FimsEZHbJLCD%2FAheQ%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=30 cf-ray 870679506e3b0b63-AMS alt-svc h3=":443"; ma=86400
GET H2	200	jquery-ui.css sportday66.mwk.ac.th/assets/images/irsus/home_files/	31 KB 8 KB	245ms 244ms	Stylesheet text/css	2a06:98c1:3121::9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://sportday66.mwk.ac.th/assets/images/irsus/home_files/jquery-ui.css Requested by Host: sportday66.mwk.ac.th URL: https://sportday66.mwk.ac.th/assets/images/irsus/home.html?resource_ur/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a06:98c1:3121::9 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `ca4df2bf400a42d8752e115f03366a90b2b4ed06b2da9ef429d41fda5f15705e` Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://sportday66.mwk.ac.th/assets/images/irsus/home.html?resource_ur/ accept-language nl-NL,nl;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 07 Apr 2024 02:09:09 GMT content-encoding br cf-cache-status EXPIRED last-modified Wed, 08 Jun 2022 07:09:34 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"7d52-5e0ea6326a780-gzip" vary Accept-Encoding,User-Agent report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nWcAHuluv2re8l46czegYthppU%2Bz9IXCaLtWDS3hfnFPVOVIkYqw%2BgV%2B1sW0MG10LVF7XWpNsk%2BQJGknTJi9Hpv6c3U%2BVsoEUTZ44BwGBvTF6Z7ZmJpxYeabESVRcdOCwEOZK1EbKKuRl%2BB6wowBOKArjg%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=30 cf-ray 870679506e3c0b63-AMS alt-svc h3=":443"; ma=86400
GET H2	200	irs.css sportday66.mwk.ac.th/assets/images/irsus/home_files/	6 KB 2 KB	265ms 264ms	Stylesheet text/css	2a06:98c1:3121::9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://sportday66.mwk.ac.th/assets/images/irsus/home_files/irs.css Requested by Host: sportday66.mwk.ac.th URL: https://sportday66.mwk.ac.th/assets/images/irsus/home.html?resource_ur/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a06:98c1:3121::9 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `c091629a45d384695d3aa0fcea2210eab8edff323d8ecbf81e3a04fda820d7f4` Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://sportday66.mwk.ac.th/assets/images/irsus/home.html?resource_ur/ accept-language nl-NL,nl;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 07 Apr 2024 02:09:09 GMT content-encoding br cf-cache-status EXPIRED last-modified Wed, 08 Jun 2022 07:09:34 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"16ae-5e0ea6326a780-gzip" vary Accept-Encoding,User-Agent report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=u8XCqFgzNsC5P1%2FXID0O3sXTBN9Swf74yw%2BBZJ9y95A235cFE1rsAqzGg6CF0uFFnG111pm2mo8cX95pHRqcSI45fAIMUlmAlubITxjQdJB8j%2B9W588iwGEBOXhSx5qODrlTRXUH9bfqZqn5EsY1BWbKxw%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=30 cf-ray 870679506e3d0b63-AMS alt-svc h3=":443"; ma=86400
GET H2	200	app.css sportday66.mwk.ac.th/assets/images/irsus/home_files/	9 KB 3 KB	235ms 234ms	Stylesheet text/css	2a06:98c1:3121::9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://sportday66.mwk.ac.th/assets/images/irsus/home_files/app.css Requested by Host: sportday66.mwk.ac.th URL: https://sportday66.mwk.ac.th/assets/images/irsus/home.html?resource_ur/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a06:98c1:3121::9 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `f4b254c69add59c9263fc046268904bcb604aaef26626ad2dd7ba2f9b2965f52` Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://sportday66.mwk.ac.th/assets/images/irsus/home.html?resource_ur/ accept-language nl-NL,nl;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 07 Apr 2024 02:09:09 GMT content-encoding br cf-cache-status EXPIRED last-modified Wed, 08 Jun 2022 07:09:34 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"2467-5e0ea6326a780-gzip" vary Accept-Encoding,User-Agent report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=a8%2Bnl0S0Z4%2Fww8uri1BdWLVMLpEg%2BC2HqwTOCillUPeO9mEI%2BJpusF4USW%2F3HkpZYmyFgsd8uOAzHh8R61WOqGBNb1YKpE%2FZV1k01VMlEXhLNoNvShJOh0ahMxROpkkgFXzvpIk7l8XRz1NpJYlbUEvSbA%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=30 cf-ray 870679506e3e0b63-AMS alt-svc h3=":443"; ma=86400
GET H2	200	app-error.css sportday66.mwk.ac.th/assets/images/irsus/home_files/	786 B 597 B	260ms 258ms	Stylesheet text/css	2a06:98c1:3121::9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://sportday66.mwk.ac.th/assets/images/irsus/home_files/app-error.css Requested by Host: sportday66.mwk.ac.th URL: https://sportday66.mwk.ac.th/assets/images/irsus/home.html?resource_ur/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a06:98c1:3121::9 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `c4abb35ccb93590308661b4dafacfe380c89aef07e2d94499d23f1637137bd1c` Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://sportday66.mwk.ac.th/assets/images/irsus/home.html?resource_ur/ accept-language nl-NL,nl;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 07 Apr 2024 02:09:09 GMT content-encoding br cf-cache-status EXPIRED last-modified Wed, 08 Jun 2022 07:09:34 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"312-5e0ea6326a780-gzip" vary Accept-Encoding,User-Agent report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dhFmCZufxuk54Fe5JQY8Z3yX42%2FyLUrzy6FvZ1ic2p0cqXvAWUrRFZ7%2Fkh%2Bqd0HRQqSdGLEn5pmtQ817WRn%2BXcMqTUuG2iPZUa4DkqcFD5JHZaJIZpvZyl8iD2rf9n2%2FPcZSB92Ib0od%2BBePAMQx5abhJg%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=30 cf-ray 870679506e3f0b63-AMS alt-svc h3=":443"; ma=86400
GET H2	200	wmsp-shared-secrets.css sportday66.mwk.ac.th/assets/images/irsus/home_files/	3 KB 1 KB	263ms 262ms	Stylesheet text/css	2a06:98c1:3121::9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://sportday66.mwk.ac.th/assets/images/irsus/home_files/wmsp-shared-secrets.css Requested by Host: sportday66.mwk.ac.th URL: https://sportday66.mwk.ac.th/assets/images/irsus/home.html?resource_ur/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a06:98c1:3121::9 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `fd8245e841b019e192658b02f6d510112f6793dace36c4b29cc44ab2ab6179cd` Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://sportday66.mwk.ac.th/assets/images/irsus/home.html?resource_ur/ accept-language nl-NL,nl;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 07 Apr 2024 02:09:09 GMT content-encoding br cf-cache-status EXPIRED last-modified Wed, 08 Jun 2022 07:09:34 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"cb8-5e0ea6326a780-gzip" vary Accept-Encoding,User-Agent report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mRiQynmHRweOZW%2FYcrlJ3bFkajttcB%2FwW7SilkYz1Y4RCWK5%2BJVuiTKRGWGf4aOJPtZfozOdJnTsVJVbi%2FiM4K3oz6tbG9fq6bCfW4SUzjYkmRnIlfaF%2BSk%2FlofNNvd%2FOyxUwFxlV3f8cuhS2cJMfRlk7g%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=30 cf-ray 870679506e400b63-AMS alt-svc h3=":443"; ma=86400
GET H2	200	wmsp-results.css sportday66.mwk.ac.th/assets/images/irsus/home_files/	2 KB 886 B	248ms 247ms	Stylesheet text/css	2a06:98c1:3121::9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://sportday66.mwk.ac.th/assets/images/irsus/home_files/wmsp-results.css Requested by Host: sportday66.mwk.ac.th URL: https://sportday66.mwk.ac.th/assets/images/irsus/home.html?resource_ur/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a06:98c1:3121::9 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `c270883773a53da36d154ea13ce8ea8451489c25aabd20e60ef6eb65c4fe439d` Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://sportday66.mwk.ac.th/assets/images/irsus/home.html?resource_ur/ accept-language nl-NL,nl;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 07 Apr 2024 02:09:09 GMT content-encoding br cf-cache-status EXPIRED last-modified Wed, 08 Jun 2022 07:09:34 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"673-5e0ea6326a780-gzip" vary Accept-Encoding,User-Agent report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Oy3MusebomIicnRKCQ3KXDprBBM9dDggQwG%2BF5x24eOdHQtVBXXZtAsBLNWmRzJH%2FTFYMAw4phBvr1ahUX256HlyvDnr292p%2B0mKR3EENITxGd9cu%2Frc1%2B0pDDkQLs3VAG3ggbBW8FW2WWq4c95Tx0zVZw%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=30 cf-ray 870679506e410b63-AMS alt-svc h3=":443"; ma=86400
GET H2	200	datepicker.css sportday66.mwk.ac.th/assets/images/irsus/home_files/	21 KB 3 KB	238ms 237ms	Stylesheet text/css	2a06:98c1:3121::9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://sportday66.mwk.ac.th/assets/images/irsus/home_files/datepicker.css Requested by Host: sportday66.mwk.ac.th URL: https://sportday66.mwk.ac.th/assets/images/irsus/home.html?resource_ur/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a06:98c1:3121::9 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `a2538e625a9042c2cd54e13cf52221fce1831dd12c5ca4cdac23137ac22e3010` Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://sportday66.mwk.ac.th/assets/images/irsus/home.html?resource_ur/ accept-language nl-NL,nl;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 07 Apr 2024 02:09:09 GMT content-encoding br cf-cache-status EXPIRED last-modified Wed, 08 Jun 2022 07:09:34 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"52fc-5e0ea6326a780-gzip" vary Accept-Encoding,User-Agent report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RKfeegsQWtEK%2F4o%2BBlhOULRv5nNn7886pzWd4nb2Avuaust9QuvTr%2Fk%2ByiMvkMhBj3WJQo6RY29eSFAMzfqOPYkguzjMIZJqwJPw%2Fy22PCFuLJVckQJymIEH%2Bj0EPnoemAsbQERCDiqczEsy%2FMIykCeBxA%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=30 cf-ray 870679506e420b63-AMS alt-svc h3=":443"; ma=86400
GET H2	200	logo.png sportday66.mwk.ac.th/assets/images/irsus/home_files/	5 KB 5 KB	270ms 269ms	Image image/png	2a06:98c1:3121::9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://sportday66.mwk.ac.th/assets/images/irsus/home_files/logo.png Requested by Host: sportday66.mwk.ac.th URL: https://sportday66.mwk.ac.th/assets/images/irsus/home.html?resource_ur/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a06:98c1:3121::9 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `02ceea374fce34ce8272bb17a67fd862c8ff49eeb05938154570701ca7a62ea7` Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://sportday66.mwk.ac.th/assets/images/irsus/home.html?resource_ur/ accept-language nl-NL,nl;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 07 Apr 2024 02:09:09 GMT cf-cache-status REVALIDATED last-modified Wed, 08 Jun 2022 07:09:34 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "1220-5e0ea6326a780" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=oN%2FMb4kccFcjmX5oWVYClj%2BycJLXXsQFzZ%2F3ZSmgXUTLYdRmzC0r2mbzImynsyOpWsLA7Z483ArfVj6mxLU4BGwJFoGuNg37f2WWiOggpoGdVt7Mf7GBjF3pxeOV6yN3VlaRfle6qW0BDGsBVj3iW6Q05w%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=30 accept-ranges bytes cf-ray 870679506e430b63-AMS alt-svc h3=":443"; ma=86400 content-length 4640
GET H2	200	irs_horiz_white.png sportday66.mwk.ac.th/assets/images/irsus/home_files/	1 KB 2 KB	255ms 255ms	Image image/png	2a06:98c1:3121::9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://sportday66.mwk.ac.th/assets/images/irsus/home_files/irs_horiz_white.png Requested by Host: sportday66.mwk.ac.th URL: https://sportday66.mwk.ac.th/assets/images/irsus/home.html?resource_ur/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a06:98c1:3121::9 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `5d3238bdb8ee9440978b31fadb2af34965dca58b179a1225e13316d4c6cfd5e8` Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://sportday66.mwk.ac.th/assets/images/irsus/home.html?resource_ur/ accept-language nl-NL,nl;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 07 Apr 2024 02:09:09 GMT cf-cache-status REVALIDATED last-modified Wed, 08 Jun 2022 07:09:34 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "5da-5e0ea6326a780" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GXDBD1jFE8zxRRZDvDCoux%2BpAO5O065MRMzckw2zU6ZGJ0tZoPJSEQtqK1HTR%2FT5Ph9wQ9xj03xiHfJk3ONh%2BNupvdYu6Jj2dSEeCNi4PExmeMO2nrbzkHkwVbeySrlE9UEd0cdlo1Epm48Z6nrl9aH4Fg%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=30 accept-ranges bytes cf-ray 870679506e440b63-AMS alt-svc h3=":443"; ma=86400 content-length 1498
GET H3	200	saved_resource.htm Show response sportday66.mwk.ac.th/assets/images/irsus/home_files/ Frame 51AA	313 B 648 B	235ms 235ms	Document text/html	188.114.96.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://sportday66.mwk.ac.th/assets/images/irsus/home_files/saved_resource.htm Requested by Host: sportday66.mwk.ac.th URL: https://sportday66.mwk.ac.th/assets/images/irsus/home.html?resource_ur/ Protocol H3 Security QUIC, , AES_128_GCM Server 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `6afaa120b93af4f452d55328c8a2e686ab93ef0e4baa5b049a808d471cb7781f` Request headers Referer https://sportday66.mwk.ac.th/assets/images/irsus/home.html?resource_ur/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 accept-language nl-NL,nl;q=0.9 sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" sec-ch-ua-mobile ?0 sec-ch-ua-platform "Win32" Response headers alt-svc h3=":443"; ma=86400 cf-cache-status DYNAMIC cf-ray 870679524ed2b944-AMS content-encoding br content-type text/html date Sun, 07 Apr 2024 02:09:09 GMT last-modified Wed, 08 Jun 2022 07:09:34 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FAVsVwwCN%2FLFgsPV3HfO8kVmTmNLAHmf8fT59A1XOAStAqj4WoC0ahJa4HTLWVF2RFDu4f75FaP5ejBLzF5ihKdavr29ylk0dsRG%2B7YootuVZj4sPY5l3GPGWddaV7AXVunrp0uO0g%3D%3D"}],"group":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding,User-Agent
GET H3	404	swirl_lighter_ca6f4deb.png sportday66.mwk.ac.th/assets/images/irsus/images/	1 B 466 B	257ms 257ms	Image text/html	188.114.96.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://sportday66.mwk.ac.th/assets/images/irsus/images/swirl_lighter_ca6f4deb.png Requested by Host: sportday66.mwk.ac.th URL: https://sportday66.mwk.ac.th/assets/images/irsus/home_files/app.css Protocol H3 Security QUIC, , AES_128_GCM Server 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PHP/7.4.33 Resource Hash `36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068` Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://sportday66.mwk.ac.th/assets/images/irsus/home_files/app.css accept-language nl-NL,nl;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 07 Apr 2024 02:09:09 GMT content-encoding br cf-cache-status EXPIRED nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare x-powered-by PHP/7.4.33 vary Accept-Encoding,User-Agent report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7Ah383crerpafvxXs1NokY1Cvml0z6LRh3zpCyoUfBQ%2Fb6qyTWoRRKkdh0Ydp7eQ%2Fe8GVRBHDBYW6Qn2OXBLJ7TdVHf90%2F96aEEFrHexANWfPsku1RJ2Yr%2F2uFH2rdYzBg6CspDfKg%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/html; charset=UTF-8 cache-control max-age=30 cf-ray 870679524ed3b944-AMS alt-svc h3=":443"; ma=86400
GET H3	404	us.png sportday66.mwk.ac.th/assets/img/	315 B 315 B	241ms 241ms	Image text/html	188.114.96.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://sportday66.mwk.ac.th/assets/img/us.png Requested by Host: sportday66.mwk.ac.th URL: https://sportday66.mwk.ac.th/assets/images/irsus/home_files/app.css Protocol H3 Security QUIC, , AES_128_GCM Server 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3` Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://sportday66.mwk.ac.th/assets/images/irsus/home_files/app.css accept-language nl-NL,nl;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 07 Apr 2024 02:09:09 GMT content-encoding br cf-cache-status EXPIRED nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3dhhP1cOkVzbiDjteHJ5ZE9cnOcd4idT3Lv3Bi6rBxnr6xP2Y5cGDzsqXQcLZlHWRHYqWRngjpdYjm8%2FOdKlnnTsIjwtbi1dQwRJ2wVC2W2duMVS3frGFp6hM3dFAudSivTdpqoRzQ%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/html; charset=iso-8859-1 cache-control max-age=30 cf-ray 870679524ed4b944-AMS alt-svc h3=":443"; ma=86400
GET H3	200	favicon.ico sportday66.mwk.ac.th/assets/images/irsus/home_files/	4 KB 1 KB	266ms 266ms	Other image/x-icon	188.114.96.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://sportday66.mwk.ac.th/assets/images/irsus/home_files/favicon.ico Protocol H3 Security QUIC, , AES_128_GCM Server 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `6d63881e43e08ef385e6c809b43b2b289a459fb2f30d5159000e2477d776b456` Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://sportday66.mwk.ac.th/assets/images/irsus/home.html?resource_ur/ accept-language nl-NL,nl;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 07 Apr 2024 02:09:09 GMT content-encoding br cf-cache-status EXPIRED last-modified Wed, 08 Jun 2022 07:10:30 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"e36-5e0ea667d2580-gzip" vary Accept-Encoding,User-Agent report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uDtkirb6DVAOLuG%2Fwv%2BfrZK3u1dZ%2FIdLF4yJU5f8R6g%2BBhoDGNejOv1vXqKLW8p%2FNcr28b27zuJhsGKzrvnqTZ8Z6JIPv8iblFtJRYnGlQYeg4HdJ9lfNbT5828IBTb%2F7bSdOkdjPQ%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/x-icon cache-control max-age=30 cf-ray 87067953efa6b944-AMS alt-svc h3=":443"; ma=86400

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: IRS (Government)

6 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://sportday66.mwk.ac.th/assets/img/us.png Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://sportday66.mwk.ac.th/assets/images/irsus/images/swirl_lighter_ca6f4deb.png Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

sportday66.mwk.ac.th
188.114.96.3
2a06:98c1:3121::9
02ceea374fce34ce8272bb17a67fd862c8ff49eeb05938154570701ca7a62ea7
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
5d3238bdb8ee9440978b31fadb2af34965dca58b179a1225e13316d4c6cfd5e8
60b19e5da6a9234ff9220668a5ec1125c157a268513256188ee80f2d2c8d8d36
6afaa120b93af4f452d55328c8a2e686ab93ef0e4baa5b049a808d471cb7781f
6d63881e43e08ef385e6c809b43b2b289a459fb2f30d5159000e2477d776b456
a2538e625a9042c2cd54e13cf52221fce1831dd12c5ca4cdac23137ac22e3010
ad2f435f42c01c935af717382851192b5d51ff23b18ca31ee19bf605a01f3446
c091629a45d384695d3aa0fcea2210eab8edff323d8ecbf81e3a04fda820d7f4
c270883773a53da36d154ea13ce8ea8451489c25aabd20e60ef6eb65c4fe439d
c4abb35ccb93590308661b4dafacfe380c89aef07e2d94499d23f1637137bd1c
ca4df2bf400a42d8752e115f03366a90b2b4ed06b2da9ef429d41fda5f15705e
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
f4b254c69add59c9263fc046268904bcb604aaef26626ad2dd7ba2f9b2965f52
fd8245e841b019e192658b02f6d510112f6793dace36c4b29cc44ab2ab6179cd

sportday66.mwk.ac.th Open in urlscan Pro 2a06:98c1:3121::9 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

15 Requests

100 %HTTPS

50 %IPv6

1 Domains

1 Subdomains

2 IPs

2 Countries

55 kBTransfer

247 kBSize

0 Cookies

0 Outgoing links

Redirected requests

15 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

6 JavaScript Global Variables

0 Cookies

2 Console Messages

Indicators

sportday66.mwk.ac.th Open in urlscan Pro
2a06:98c1:3121::9 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

15
Requests

100 %
HTTPS

50 %
IPv6

1
Domains

1
Subdomains

2
IPs

2
Countries

55 kB
Transfer

247 kB
Size

0
Cookies

15 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!