ttdintertrade.co.th
Open in
urlscan Pro
150.95.99.19
Malicious Activity!
Public Scan
URL:
https://ttdintertrade.co.th/xls/linklde/Login.html?linkedin_com/comm/feed/quotationmanage_do?obbua=jddcqabeEdi
Submission: On June 07 via automatic, source phishtank — Scanned from JP
Submission: On June 07 via automatic, source phishtank — Scanned from JP
Summary
This website contacted 8 IPs
in 3 countries
across 10 domains to perform 23 HTTP transactions.
The main IP is 150.95.99.19, located in
Japan and
belongs to GMO-Z-COM-TH GMO-Z com NetDesign Holdings Co., Ltd., JP.
The main domain is ttdintertrade.co.th.
TLS certificate: Issued by cPanel, Inc. Certification Authority on March 23rd 2024. Valid for: 3 months.
This is the only time ttdintertrade.co.th was scanned on urlscan.io!
TLS certificate: Issued by cPanel, Inc. Certification Authority on March 23rd 2024. Valid for: 3 months.
This is the only time ttdintertrade.co.th was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: LinkedIn (Social Network)Domain & IP information
| IP Address | AS Autonomous System | ||
|---|---|---|---|
| 11 | 150.95.99.19 150.95.99.19 | 135161 (GMO-Z-COM...) (GMO-Z-COM-TH GMO-Z com NetDesign Holdings Co.) | |
| 1 | 2404:6800:400... 2404:6800:4004:818::2003 | 15169 (GOOGLE) (GOOGLE) | |
| 1 | 2606:2800:247... 2606:2800:247:b713:6f8:1d37:ecd5:e137 | 15133 (EDGECAST) (EDGECAST) | |
| 1 | 2620:1ec:50::16 2620:1ec:50::16 | 8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK) | |
| 4 | 2600:140b:1c0... 2600:140b:1c00:1a::17cd:772a | 20940 (AKAMAI-ASN1) (AKAMAI-ASN1) | |
| 2 | 18.181.129.160 18.181.129.160 | 16509 (AMAZON-02) (AMAZON-02) | |
| 1 | 13.114.197.230 13.114.197.230 | 16509 (AMAZON-02) (AMAZON-02) | |
| 2 2 | 216.58.220.98 216.58.220.98 | 15169 (GOOGLE) (GOOGLE) | |
| 2 2 | 142.251.42.162 142.251.42.162 | 15169 (GOOGLE) (GOOGLE) | |
| 2 2 | 172.217.25.164 172.217.25.164 | 15169 (GOOGLE) (GOOGLE) | |
| 2 | 172.217.175.99 172.217.175.99 | 15169 (GOOGLE) (GOOGLE) | |
| 23 | 8 |
11
150.95.99.19
(Japan)
ASN135161 (GMO-Z-COM-TH GMO-Z com NetDesign Holdings Co., Ltd., JP)
PTR: v150-95-99-19.lk8e.static.cnode.io
ASN135161 (GMO-Z-COM-TH GMO-Z com NetDesign Holdings Co., Ltd., JP)
PTR: v150-95-99-19.lk8e.static.cnode.io
| ttdintertrade.co.th |
1
2606:2800:247:b713:6f8:1d37:ecd5:e137
(United States)
ASN15133 (EDGECAST, US)
ASN15133 (EDGECAST, US)
| static-exp1.licdn.com |
4
2600:140b:1c00:1a::17cd:772a
(Tokyo, Japan)
ASN20940 (AKAMAI-ASN1, NL)
ASN20940 (AKAMAI-ASN1, NL)
| platform.linkedin-ei.com | |
| platform.linkedin.com |
2
18.181.129.160
(Tokyo, Japan)
ASN16509 (AMAZON-02, US)
PTR: ec2-18-181-129-160.ap-northeast-1.compute.amazonaws.com
ASN16509 (AMAZON-02, US)
PTR: ec2-18-181-129-160.ap-northeast-1.compute.amazonaws.com
| dpm.demdex.net | |
| lnkd.demdex.net |
1
13.114.197.230
(Tokyo, Japan)
ASN16509 (AMAZON-02, US)
PTR: ec2-13-114-197-230.ap-northeast-1.compute.amazonaws.com
ASN16509 (AMAZON-02, US)
PTR: ec2-13-114-197-230.ap-northeast-1.compute.amazonaws.com
| lnkd.demdex.net |
2
216.58.220.98
(United States)
ASN15169 (GOOGLE, US)
PTR: syd10s01-in-f98.1e100.net
ASN15169 (GOOGLE, US)
PTR: syd10s01-in-f98.1e100.net
| www.googleadservices.com |
2
142.251.42.162
(Queens, United States)
ASN15169 (GOOGLE, US)
PTR: nrt12s46-in-f2.1e100.net
ASN15169 (GOOGLE, US)
PTR: nrt12s46-in-f2.1e100.net
| googleads.g.doubleclick.net |
2
172.217.175.99
(United States)
ASN15169 (GOOGLE, US)
PTR: nrt20s21-in-f3.1e100.net
ASN15169 (GOOGLE, US)
PTR: nrt20s21-in-f3.1e100.net
| www.google.co.jp |
| Apex Domain Subdomains |
Transfer | |
|---|---|---|
| 11 |
ttdintertrade.co.th
ttdintertrade.co.th |
781 KB |
| 4 |
linkedin-ei.com
www.linkedin-ei.com platform.linkedin-ei.com |
53 KB |
| 3 |
demdex.net
dpm.demdex.net — Cisco Umbrella Rank: 250 lnkd.demdex.net — Cisco Umbrella Rank: 5965 |
2 KB |
| 2 |
google.co.jp
www.google.co.jp — Cisco Umbrella Rank: 20792 |
128 B |
| 2 |
google.com
2 redirects
www.google.com — Cisco Umbrella Rank: 5 |
48 B |
| 2 |
doubleclick.net
2 redirects
googleads.g.doubleclick.net — Cisco Umbrella Rank: 63 |
46 B |
| 2 |
googleadservices.com
2 redirects
www.googleadservices.com — Cisco Umbrella Rank: 137 |
46 B |
| 1 |
linkedin.com
platform.linkedin.com — Cisco Umbrella Rank: 3852 |
96 KB |
| 1 |
licdn.com
static-exp1.licdn.com — Cisco Umbrella Rank: 409988 |
13 KB |
| 1 |
gstatic.com
fonts.gstatic.com |
27 KB |
| 23 | 10 |
| Domain | Requested by | |
|---|---|---|
| 11 | ttdintertrade.co.th |
ttdintertrade.co.th
|
| 3 | platform.linkedin-ei.com |
ttdintertrade.co.th
platform.linkedin-ei.com |
| 2 | www.google.co.jp | |
| 2 | www.google.com | 2 redirects |
| 2 | googleads.g.doubleclick.net | 2 redirects |
| 2 | www.googleadservices.com | 2 redirects |
| 2 | lnkd.demdex.net |
platform.linkedin-ei.com
|
| 1 | platform.linkedin.com |
platform.linkedin-ei.com
|
| 1 | dpm.demdex.net |
platform.linkedin-ei.com
|
| 1 | www.linkedin-ei.com |
ttdintertrade.co.th
|
| 1 | static-exp1.licdn.com |
ttdintertrade.co.th
|
| 1 | fonts.gstatic.com |
ttdintertrade.co.th
|
| 23 | 12 |
This site contains no links.
| Subject Issuer | Validity | Valid | |
|---|---|---|---|
| ttdintertrade.co.th cPanel, Inc. Certification Authority |
2024-03-23 - 2024-06-21 |
3 months | crt.sh |
| *.gstatic.com GTS CA 1C3 |
2024-05-13 - 2024-08-05 |
3 months | crt.sh |
| *.licdn.com DigiCert SHA2 Secure Server CA |
2023-08-02 - 2024-08-01 |
a year | crt.sh |
| www.linkedin-ei.com DigiCert SHA2 Secure Server CA |
2024-04-08 - 2024-10-08 |
6 months | crt.sh |
| platform.linkedin.com DigiCert SHA2 Secure Server CA |
2024-03-29 - 2025-03-28 |
a year | crt.sh |
| *.demdex.com DigiCert Global G2 TLS RSA SHA256 2020 CA1 |
2023-09-26 - 2024-10-26 |
a year | crt.sh |
This page contains 3 frames:
Primary Page:
https://ttdintertrade.co.th/xls/linklde/Login.html?linkedin_com/comm/feed/quotationmanage_do?obbua=jddcqabeEdi
Frame ID: 83E74EA1784CF904DF3D792FC2F9425A
Requests: 20 HTTP requests in this frame
Frame:
https://ttdintertrade.co.th/xls/linklde/sc/h/gg.html
Frame ID: 1D08C15125943E0E243FAF93DF5D5663
Requests: 2 HTTP requests in this frame
Frame:
https://lnkd.demdex.net/dest5.html?d_nsid=0
Frame ID: 58AF0B9E02E79F97664CF0CB1B6C18E4
Requests: 1 HTTP requests in this frame
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 20- https://www.googleadservices.com/pagead/conversion/979305453/?random=1717756827301&cv=11&fst=1717756827301&fmt=3&bg=ffffff&guid=ON&async=1>m=45ae42h0v873428484za200&gcd=13l3l3l3l3&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fttdintertrade.co.th%2Fxls%2Flinklde%2FLogin.html%3Flinkedin_com%2Fcomm%2Ffeed%2Fquotationmanage_do%3Fobbua%3DjddcqabeEdi&label=Kc16CMr0-_0BEO2H_NID&hn=www.googleadservices.com&frm=0&tiba=LinkedIn%20Login%2C%20Sign%20in%20%7C%20LinkedIn&oid=3033181821630628&did=dYmQxMT&gdid=dYmQxMT>m_ee=1&npa=1&pscdl=noapi&auid=1830291767.1717756827&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B125.0.6422.141%7CChromium%3B125.0.6422.141%7CNot.A%252FBrand%3B24.0.0.0&uamb=0&uap=Win32&uapv=10.0.0&uaw=0&capi=1&data=event%3Dconversion HTTP 302
- https://googleads.g.doubleclick.net/pagead/viewthroughconversion/979305453/?random=1846116265&cv=11&fst=1717756827301&fmt=3&bg=ffffff&guid=ON&async=1>m=45ae42h0v873428484za200&gcd=13l3l3l3l3&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fttdintertrade.co.th%2Fxls%2Flinklde%2FLogin.html%3Flinkedin_com%2Fcomm%2Ffeed%2Fquotationmanage_do%3Fobbua%3DjddcqabeEdi&label=Kc16CMr0-_0BEO2H_NID&hn=www.googleadservices.com&frm=0&tiba=LinkedIn%20Login%2C%20Sign%20in%20%7C%20LinkedIn&did=dYmQxMT&gdid=dYmQxMT>m_ee=1&npa=1&pscdl=noapi&auid=1830291767.1717756827&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B125.0.6422.141%7CChromium%3B125.0.6422.141%7CNot.A%252FBrand%3B24.0.0.0&uamb=0&uap=Win32&uapv=10.0.0&uaw=0&capi=1&data=event%3Dconversion&ct_cookie_present=false&eoid=CkAKEQjw34qzBhDe19fhv5W348oBEisAiKysPaXQxM_kRT6mXr0aZ0InKPubxG-pqjSYexwSkkUtkdvRfE-q1KDo8P8HAQ&sscte=1&crd=CJW3sQIIscGxAgiwwbECCLnBsQJKJ2V2ZW50LXNvdXJjZSwgdHJpZ2dlcj1uYXZpZ2F0aW9uLXNvdXJjZVoDCgEBYgQKAgID&pscrd=IhMIvL-G7KbJhgMV-4fpBR2QpSXjMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAs6HGh0dHBzOi8vdHRkaW50ZXJ0cmFkZS5jby50aC8 HTTP 302
- https://www.google.com/pagead/1p-conversion/979305453/?random=1846116265&cv=11&fst=1717756827301&fmt=3&bg=ffffff&guid=ON&async=1>m=45ae42h0v873428484za200&gcd=13l3l3l3l3&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fttdintertrade.co.th%2Fxls%2Flinklde%2FLogin.html%3Flinkedin_com%2Fcomm%2Ffeed%2Fquotationmanage_do%3Fobbua%3DjddcqabeEdi&label=Kc16CMr0-_0BEO2H_NID&hn=www.googleadservices.com&frm=0&tiba=LinkedIn%20Login%2C%20Sign%20in%20%7C%20LinkedIn&did=dYmQxMT&gdid=dYmQxMT>m_ee=1&npa=1&pscdl=noapi&auid=1830291767.1717756827&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B125.0.6422.141%7CChromium%3B125.0.6422.141%7CNot.A%252FBrand%3B24.0.0.0&uamb=0&uap=Win32&uapv=10.0.0&uaw=0&capi=1&data=event%3Dconversion&ct_cookie_present=false&eoid=CkAKEQjw34qzBhDe19fhv5W348oBEisAiKysPaXQxM_kRT6mXr0aZ0InKPubxG-pqjSYexwSkkUtkdvRfE-q1KDo8P8HAQ&sscte=1&crd=CJW3sQIIscGxAgiwwbECCLnBsQJKJ2V2ZW50LXNvdXJjZSwgdHJpZ2dlcj1uYXZpZ2F0aW9uLXNvdXJjZVoDCgEBYgQKAgID&pscrd=IhMIvL-G7KbJhgMV-4fpBR2QpSXjMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAs6HGh0dHBzOi8vdHRkaW50ZXJ0cmFkZS5jby50aC8&is_vtc=1&cid=CAQSKQDaQooLcDvbF0tGV8uNFvTHsoXw4CvNyIMR-nMjPUh7yx5bFH0D9hmJ&random=691291079 HTTP 302
- https://www.google.co.jp/pagead/1p-conversion/979305453/?random=1846116265&cv=11&fst=1717756827301&fmt=3&bg=ffffff&guid=ON&async=1>m=45ae42h0v873428484za200&gcd=13l3l3l3l3&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fttdintertrade.co.th%2Fxls%2Flinklde%2FLogin.html%3Flinkedin_com%2Fcomm%2Ffeed%2Fquotationmanage_do%3Fobbua%3DjddcqabeEdi&label=Kc16CMr0-_0BEO2H_NID&hn=www.googleadservices.com&frm=0&tiba=LinkedIn%20Login%2C%20Sign%20in%20%7C%20LinkedIn&did=dYmQxMT&gdid=dYmQxMT>m_ee=1&npa=1&pscdl=noapi&auid=1830291767.1717756827&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B125.0.6422.141%7CChromium%3B125.0.6422.141%7CNot.A%252FBrand%3B24.0.0.0&uamb=0&uap=Win32&uapv=10.0.0&uaw=0&capi=1&data=event%3Dconversion&ct_cookie_present=false&eoid=CkAKEQjw34qzBhDe19fhv5W348oBEisAiKysPaXQxM_kRT6mXr0aZ0InKPubxG-pqjSYexwSkkUtkdvRfE-q1KDo8P8HAQ&sscte=1&crd=CJW3sQIIscGxAgiwwbECCLnBsQJKJ2V2ZW50LXNvdXJjZSwgdHJpZ2dlcj1uYXZpZ2F0aW9uLXNvdXJjZVoDCgEBYgQKAgID&pscrd=IhMIvL-G7KbJhgMV-4fpBR2QpSXjMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAs6HGh0dHBzOi8vdHRkaW50ZXJ0cmFkZS5jby50aC8&is_vtc=1&cid=CAQSKQDaQooLcDvbF0tGV8uNFvTHsoXw4CvNyIMR-nMjPUh7yx5bFH0D9hmJ&random=691291079&ipr=y
- https://www.googleadservices.com/pagead/conversion/979305453/?random=1717756827305&cv=11&fst=1717756827305&fmt=3&bg=ffffff&guid=ON&async=1>m=45ae42h0v873428484za200&gcd=13l3l3l3l3&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fttdintertrade.co.th%2Fxls%2Flinklde%2FLogin.html%3Flinkedin_com%2Fcomm%2Ffeed%2Fquotationmanage_do%3Fobbua%3DjddcqabeEdi&label=ZRKoCICMpsUBEO2H_NID&hn=www.googleadservices.com&frm=0&tiba=LinkedIn%20Login%2C%20Sign%20in%20%7C%20LinkedIn&oid=3033181821630628&did=dYmQxMT&gdid=dYmQxMT>m_ee=1&npa=1&pscdl=noapi&auid=1830291767.1717756827&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B125.0.6422.141%7CChromium%3B125.0.6422.141%7CNot.A%252FBrand%3B24.0.0.0&uamb=0&uap=Win32&uapv=10.0.0&uaw=0&capi=1&data=event%3Dconversion HTTP 302
- https://googleads.g.doubleclick.net/pagead/viewthroughconversion/979305453/?random=90030273&cv=11&fst=1717756827305&fmt=3&bg=ffffff&guid=ON&async=1>m=45ae42h0v873428484za200&gcd=13l3l3l3l3&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fttdintertrade.co.th%2Fxls%2Flinklde%2FLogin.html%3Flinkedin_com%2Fcomm%2Ffeed%2Fquotationmanage_do%3Fobbua%3DjddcqabeEdi&label=ZRKoCICMpsUBEO2H_NID&hn=www.googleadservices.com&frm=0&tiba=LinkedIn%20Login%2C%20Sign%20in%20%7C%20LinkedIn&did=dYmQxMT&gdid=dYmQxMT>m_ee=1&npa=1&pscdl=noapi&auid=1830291767.1717756827&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B125.0.6422.141%7CChromium%3B125.0.6422.141%7CNot.A%252FBrand%3B24.0.0.0&uamb=0&uap=Win32&uapv=10.0.0&uaw=0&capi=1&data=event%3Dconversion&ct_cookie_present=false&eoid=CkAKEQjw34qzBhDe19fhv5W348oBEisAiKysPbTlu0vxhVWMD54z4HiyENU7Idn33ptlyIEYkdq-GU5lkl2-_D_18P8HAQ&sscte=1&crd=CJW3sQIIscGxAgiwwbECCLnBsQJKJ2V2ZW50LXNvdXJjZSwgdHJpZ2dlcjtuYXZpZ2F0aW9uLXNvdXJjZVoDCgEBYgQKAgID&pscrd=IhMI1ciG7KbJhgMVMYfpBR2NDyr_MgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAs6HGh0dHBzOi8vdHRkaW50ZXJ0cmFkZS5jby50aC8 HTTP 302
- https://www.google.com/pagead/1p-conversion/979305453/?random=90030273&cv=11&fst=1717756827305&fmt=3&bg=ffffff&guid=ON&async=1>m=45ae42h0v873428484za200&gcd=13l3l3l3l3&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fttdintertrade.co.th%2Fxls%2Flinklde%2FLogin.html%3Flinkedin_com%2Fcomm%2Ffeed%2Fquotationmanage_do%3Fobbua%3DjddcqabeEdi&label=ZRKoCICMpsUBEO2H_NID&hn=www.googleadservices.com&frm=0&tiba=LinkedIn%20Login%2C%20Sign%20in%20%7C%20LinkedIn&did=dYmQxMT&gdid=dYmQxMT>m_ee=1&npa=1&pscdl=noapi&auid=1830291767.1717756827&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B125.0.6422.141%7CChromium%3B125.0.6422.141%7CNot.A%252FBrand%3B24.0.0.0&uamb=0&uap=Win32&uapv=10.0.0&uaw=0&capi=1&data=event%3Dconversion&ct_cookie_present=false&eoid=CkAKEQjw34qzBhDe19fhv5W348oBEisAiKysPbTlu0vxhVWMD54z4HiyENU7Idn33ptlyIEYkdq-GU5lkl2-_D_18P8HAQ&sscte=1&crd=CJW3sQIIscGxAgiwwbECCLnBsQJKJ2V2ZW50LXNvdXJjZSwgdHJpZ2dlcjtuYXZpZ2F0aW9uLXNvdXJjZVoDCgEBYgQKAgID&pscrd=IhMI1ciG7KbJhgMVMYfpBR2NDyr_MgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAs6HGh0dHBzOi8vdHRkaW50ZXJ0cmFkZS5jby50aC8&is_vtc=1&cid=CAQSKQDaQooLG3J9EwlpX66xvECiANawidYhaSiE8GNjCV2pOcr_K8O57WGj&random=1955187474 HTTP 302
- https://www.google.co.jp/pagead/1p-conversion/979305453/?random=90030273&cv=11&fst=1717756827305&fmt=3&bg=ffffff&guid=ON&async=1>m=45ae42h0v873428484za200&gcd=13l3l3l3l3&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fttdintertrade.co.th%2Fxls%2Flinklde%2FLogin.html%3Flinkedin_com%2Fcomm%2Ffeed%2Fquotationmanage_do%3Fobbua%3DjddcqabeEdi&label=ZRKoCICMpsUBEO2H_NID&hn=www.googleadservices.com&frm=0&tiba=LinkedIn%20Login%2C%20Sign%20in%20%7C%20LinkedIn&did=dYmQxMT&gdid=dYmQxMT>m_ee=1&npa=1&pscdl=noapi&auid=1830291767.1717756827&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B125.0.6422.141%7CChromium%3B125.0.6422.141%7CNot.A%252FBrand%3B24.0.0.0&uamb=0&uap=Win32&uapv=10.0.0&uaw=0&capi=1&data=event%3Dconversion&ct_cookie_present=false&eoid=CkAKEQjw34qzBhDe19fhv5W348oBEisAiKysPbTlu0vxhVWMD54z4HiyENU7Idn33ptlyIEYkdq-GU5lkl2-_D_18P8HAQ&sscte=1&crd=CJW3sQIIscGxAgiwwbECCLnBsQJKJ2V2ZW50LXNvdXJjZSwgdHJpZ2dlcjtuYXZpZ2F0aW9uLXNvdXJjZVoDCgEBYgQKAgID&pscrd=IhMI1ciG7KbJhgMVMYfpBR2NDyr_MgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAs6HGh0dHBzOi8vdHRkaW50ZXJ0cmFkZS5jby50aC8&is_vtc=1&cid=CAQSKQDaQooLG3J9EwlpX66xvECiANawidYhaSiE8GNjCV2pOcr_K8O57WGj&random=1955187474&ipr=y
23 HTTP transactions
| Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
GET H/1.1 |
Primary Request
Login.html
ttdintertrade.co.th/xls/linklde/ |
28 KB 28 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
cqpqsmixh8w40mzqux183dypa.css
ttdintertrade.co.th/xls/linklde/sc/h/ |
258 KB 258 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
4ygrgi0klw0h7s7s9m56m10fz
ttdintertrade.co.th/xls/linklde/sc/h/ |
164 KB 164 KB |
Script
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
50a28enatfg8kjjl3gk2c5mud
ttdintertrade.co.th/xls/linklde/sc/h/ |
62 KB 63 KB |
Script
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
djykitbj8q6nbc5kqowcmv2h7
ttdintertrade.co.th/xls/linklde/sc/h/ |
64 KB 64 KB |
Script
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
26elsm12hjqp7ymaluqfe5qu7
ttdintertrade.co.th/xls/linklde/sc/h/ |
2 KB 2 KB |
Script
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
3a5zi3egw5hosweu6wsco2rsf
ttdintertrade.co.th/xls/linklde/sc/h/ |
68 KB 68 KB |
Script
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
gg.html
ttdintertrade.co.th/xls/linklde/sc/h/ Frame 1D08 |
101 KB 101 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
4UabrENHsxJlGDuGo1OIlLU94YtzCwM.ttf
fonts.gstatic.com/s/googlesans/v14/ Frame 1D08 |
51 KB 27 KB |
Font
font/ttf |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
1gpe377m8n1eq73qveizv5onv
static-exp1.licdn.com/sc/h/ |
38 KB 13 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
3m4lyvbs6efg8pyhv7kupo6dh.ico
ttdintertrade.co.th/xls/linklde/sc/h/ |
32 KB 32 KB |
Other
image/x-icon |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H/1.1 |
track
ttdintertrade.co.th/li/ |
325 B 525 B |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
user
www.linkedin-ei.com/litms/api/metadata/ |
342 B 2 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
utag.js
platform.linkedin-ei.com/litms/utag/checkpoint-frontend/ |
137 KB 43 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
id
dpm.demdex.net/ |
625 B 1 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
utag.107.js
platform.linkedin-ei.com/litms/utag/checkpoint-frontend/ |
11 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
utag.117.js
platform.linkedin-ei.com/litms/utag/checkpoint-frontend/ |
11 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H/1.1 |
track
ttdintertrade.co.th/li/ |
325 B 525 B |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
dest5.html
lnkd.demdex.net/ Frame 58AF |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H2 |
event
lnkd.demdex.net/ |
530 B 955 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
gtag-adwords.js
platform.linkedin.com/litms/vendor/google// |
273 KB 96 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
/
www.google.co.jp/pagead/1p-conversion/979305453/ Redirect Chain
|
42 B 64 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
/
www.google.co.jp/pagead/1p-conversion/979305453/ Redirect Chain
|
42 B 64 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: LinkedIn (Social Network)27 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| 1 object| artdeco object| _artdecoBakedCurves object| __core-js_shared__ undefined| utag_data object| utag_cfg_ovrd object| _0x3365 function| _0xcf3d object| AppleID object| tealiumDil boolean| utag_condload object| landingPageUrl object| utag boolean| __tealium_twc_switch function| DIL object| adobe function| Visitor object| s_c_il number| s_c_in string| gtagRename object| dataLayer function| gtag object| google_tag_data function| GooglemKTybQhCsO function| google_trackConversion object| google_tag_manager15 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
| Domain/Path | Expires | Name / Value |
|---|---|---|
| .www.linkedin-ei.com/ | Name: JSESSIONID Value: ajax:2773121097215154217 |
|
| .linkedin-ei.com/ | Name: lang Value: v=2&lang=ja-jp |
|
| .linkedin-ei.com/ | Name: bcookie Value: "v=2&cb8654e4-e0cf-437f-8e80-1c6911727744" |
|
| .www.linkedin-ei.com/ | Name: bscookie Value: "v=1&2024060710402637577019-12ed-4e8c-80f6-f68b73b51279AQHO2uv-z1SYAMBPUPAgpQKJFBnyuZkM" |
|
| .linkedin-ei.com/ | Name: lidc Value: "b=ETGST04:s=ET:r=ET:a=ET:p=ET:g=132:u=1:x=1:i=1717756826:t=1717843226:v=2:sig=AQHHmd3w55mOvgGWKo1umN_cP56R0zGI" |
|
| .demdex.net/ | Name: demdex Value: 62094298435346964084132400060698414681 |
|
| .ttdintertrade.co.th/ | Name: AMCVS_14215E3D5995C57C0A495C55%40AdobeOrg Value: 1 |
|
| .ttdintertrade.co.th/ | Name: AMCV_14215E3D5995C57C0A495C55%40AdobeOrg Value: -637568504%7CMCIDTS%7C19882%7CMCMID%7C62609850347685632194149526961452596626%7CMCAAMLH-1718361626%7C11%7CMCAAMB-1718361626%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1717764026s%7CNONE%7CvVersion%7C5.1.1 |
|
| .ttdintertrade.co.th/ | Name: aam_uuid Value: 62094298435346964084132400060698414681 |
|
| .demdex.net/ | Name: dextp Value: 771-1-1717756826858|1957-1-1717756826960 |
|
| .doubleclick.net/ | Name: IDE Value: AHWqTUl5jpd0x3Y6bWJkGelW9zPN7nHBn3gDQp7bXYBLLd7IWI9yMKFcpDSM288MvV0 |
|
| .bing.com/ | Name: MUID Value: 2AE299E9148467E62AD58D7E15FE6637 |
|
| .c.bing.com/ | Name: MR Value: 0 |
|
| .dpm.demdex.net/ | Name: dpm Value: 62094298435346964084132400060698414681 |
|
| .ttdintertrade.co.th/ | Name: _gcl_au Value: 1.1.1830291767.1717756827 |
42 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
| Source | Level | URL Text |
|---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
dpm.demdex.net
fonts.gstatic.com
googleads.g.doubleclick.net
lnkd.demdex.net
platform.linkedin-ei.com
platform.linkedin.com
static-exp1.licdn.com
ttdintertrade.co.th
www.google.co.jp
www.google.com
www.googleadservices.com
www.linkedin-ei.com
13.114.197.230
142.251.42.162
150.95.99.19
172.217.175.99
172.217.25.164
18.181.129.160
216.58.220.98
2404:6800:4004:818::2003
2600:140b:1c00:1a::17cd:772a
2606:2800:247:b713:6f8:1d37:ecd5:e137
2620:1ec:50::16
0ad37de84391e495dfc73329f00dfd03335b75cf1393b0b7b921b6d20d1b6394
2072637eca86b31333f03dd2f363993776d87ec85be0f0970d80a08347cbe43f
20d449c5ddb6c176c61469ff31f409266494a37fc8dddfb42e61315e366b168e
22efb437807cb4b863943eb83a66fdcd793de9c635235465b08ad825251e4b4e
3803f0ea4bb40dcc2ad5de1905e781302ded09ee15c9a0ca8a5ffb908750cc3a
42525f66683a7435b58fee40ebb269c386451ed660c1ac80ed159a066e55466d
42a498dc5f62d81801f8e753fc9a50af5bc1aabda8ab8b2960dce48211d7c023
60b59a7b6427a5c1f496b263dbf0ce0c18e6403ecf3e3facb5ab5e1c02cb24ec
639f80fe9e54da39cf4647977783a3c412c647af8a08a2297cb2e89bf13ca5a8
848d5c6fe6e78738adf94026d52319b2c2dde3e651ce9a386fc9fbcca97b9c3f
a04c915c86662f64233cf9e2ddd8ef855ef6810b284b7743479eb9978f9f4f1e
b1fb81ca455a3c695294fe0ef5c1cd8fcd65c7e48deff63303042bbb125e5963
bc08ce3041da57f3aa1c5f55ce28ed3115606638b8fac36cfa7d177d00a031c2
c852b1105eb000028e9b27677996f8d4773daa31fa1aaf663cb6ae3a6857a50a
d4ddfb9dda4987506dfbdf0c45e4c1fcaa1db286aec663340ced8f7fe3acabba
da1464e8c147660353892a14a23cebe1fa03fb7893f12644130512832f178cba
ebeace42646aa327b1fa6225f70120658993d4796cc9103484a6f068d3a58a6d
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
eff0b6274db6ebd08633097921e241f45f30c760d4fb9038ef3037fc03761249
f22471104c59686c813d07ae6fe0dac8bf74ce7eeeb4c4d2d6cd011abb9c9d11