osh1.labour.go.th
Open in
urlscan Pro
122.155.89.84
Malicious Activity!
Public Scan
Effective URL: http://osh1.labour.go.th/attachments/article/161/DHL/login.php?rand=13InboxLightaspxn.1774256418&fid.4.1252899642&fid=1&f...
Submission: On August 10 via automatic, source phishtank
Summary
This is the only time osh1.labour.go.th was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: DHL (Transportation)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
8 | 122.155.89.84 122.155.89.84 | 9931 (CAT-AP Th...) (CAT-AP The Communication Authoity of Thailand) | |
1 | 2606:4700::68... 2606:4700::6811:e04e | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
18 | 3 |
ASN9931 (CAT-AP The Communication Authoity of Thailand, CAT, TH)
osh1.labour.go.th |
Apex Domain Subdomains |
Transfer | |
---|---|---|
8 |
labour.go.th
osh1.labour.go.th |
147 KB |
1 |
fonts.net
fast.fonts.net |
562 B |
18 | 2 |
Domain | Requested by | |
---|---|---|
8 | osh1.labour.go.th |
osh1.labour.go.th
|
1 | fast.fonts.net |
osh1.labour.go.th
|
18 | 2 |
This site contains no links.
Subject Issuer | Validity | Valid |
---|
This page contains 1 frames:
Primary Page:
http://osh1.labour.go.th/attachments/article/161/DHL/login.php?rand=13InboxLightaspxn.1774256418&fid.4.1252899642&fid=1&fav.1&rand.13InboxLight.aspxn.1774256418&fid.1252899642&fid.1&fav.1&email=info.service@wiedenbach.com&.rand=13InboxLight.aspx?n=1774256418&fid=4
Frame ID: 78953B4C8E18BD34E1BC51A5538BE007
Requests: 18 HTTP requests in this frame
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
18 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
Primary Request
login.php
osh1.labour.go.th/attachments/article/161/DHL/ |
22 KB 22 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET |
ga.js
osh1.labour.go.th/attachments/article/161/DHL/Files/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
1.css
fast.fonts.net/t/ |
0 562 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
layout.css
osh1.labour.go.th/attachments/article/161/DHL/Files/ |
1 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Cookie set
buttons.js
osh1.labour.go.th/attachments/article/161/DHL/Files/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Cookie set
util.js
osh1.labour.go.th/attachments/article/161/DHL/Files/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
main.css
osh1.labour.go.th/attachments/article/161/DHL/Files/ |
121 KB 121 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Cookie set
plugins.min.js
osh1.labour.go.th/attachments/article/161/DHL/Files/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Cookie set
jquery.js
osh1.labour.go.th/attachments/article/161/DHL/Files/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
dhl_logo_transparent.png
osh1.labour.go.th/attachments/article/161/DHL/Files/ |
2 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET |
form_help.png
osh1.labour.go.th/attachments/article/161/DHL/Files/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||
GET |
mydhl_benefit_1.png
osh1.labour.go.th/attachments/article/161/DHL/Files/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||
GET |
mydhl_benefit_2.png
osh1.labour.go.th/attachments/article/161/DHL/Files/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||
GET |
mydhl_benefit_3.png
osh1.labour.go.th/attachments/article/161/DHL/Files/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||
GET |
mydhl_benefit_4.png
osh1.labour.go.th/attachments/article/161/DHL/Files/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||
GET |
mydhl_benefit_5.png
osh1.labour.go.th/attachments/article/161/DHL/Files/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||
GET |
DHL_footer_logo.png
osh1.labour.go.th/attachments/article/161/DHL/Files/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||
GET |
util.js
osh1.labour.go.th/attachments/article/161/DHL/Files/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- osh1.labour.go.th
- URL
- http://osh1.labour.go.th/attachments/article/161/DHL/Files/ga.js
- Domain
- osh1.labour.go.th
- URL
- http://osh1.labour.go.th/attachments/article/161/DHL/Files/form_help.png
- Domain
- osh1.labour.go.th
- URL
- http://osh1.labour.go.th/attachments/article/161/DHL/Files/mydhl_benefit_1.png
- Domain
- osh1.labour.go.th
- URL
- http://osh1.labour.go.th/attachments/article/161/DHL/Files/mydhl_benefit_2.png
- Domain
- osh1.labour.go.th
- URL
- http://osh1.labour.go.th/attachments/article/161/DHL/Files/mydhl_benefit_3.png
- Domain
- osh1.labour.go.th
- URL
- http://osh1.labour.go.th/attachments/article/161/DHL/Files/mydhl_benefit_4.png
- Domain
- osh1.labour.go.th
- URL
- http://osh1.labour.go.th/attachments/article/161/DHL/Files/mydhl_benefit_5.png
- Domain
- osh1.labour.go.th
- URL
- http://osh1.labour.go.th/attachments/article/161/DHL/Files/DHL_footer_logo.png
- Domain
- osh1.labour.go.th
- URL
- http://osh1.labour.go.th/attachments/article/161/DHL/Files/util.js
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: DHL (Transportation)15 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated string| currentLanguage string| calendarLanguage string| contextPath string| btnConfirmOk string| btnConfirmCancel string| linkMore string| linkLess string| dateFormatPattern0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
fast.fonts.net
osh1.labour.go.th
osh1.labour.go.th
122.155.89.84
2606:4700::6811:e04e
041760601b2f52da809e53bd8b9132fa0a7833213800a7ed46a0375b99fbaf8c
35b8eca53271516f3d66a3dd8f89e1366edb87adad26015424148de71dfcce46
69f3cd5711722de0b3ce814b2b51d01f60b0c270042659e9972c2b34265ad773
af7f14e6c8e65f74dac6afda27be4ce7512db2a778ec42c36f55a1ed363fc7d8
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855