![](/screenshots/a849cc58-3e74-4a75-bfdf-5f9a2cdef5ad.png)
secondary.obec.go.th
Open in
urlscan Pro
202.29.173.3
Malicious Activity!
Public Scan
Submission: On June 13 via manual from CA — Scanned from CA
Summary
TLS certificate: Issued by R3 on May 31st 2024. Valid for: 3 months.
This is the only time secondary.obec.go.th was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Amazon (Online)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 | 202.29.173.3 202.29.173.3 | 133042 (OBEC-AS-A...) (OBEC-AS-AP Office of the basic education commission) | |
3 | 23.218.217.134 23.218.217.134 | 20940 (AKAMAI-ASN1) (AKAMAI-ASN1) | |
1 | 104.194.8.120 104.194.8.120 | 23470 (RELIABLESITE) (RELIABLESITE) | |
3 | 151.101.129.16 151.101.129.16 | 54113 (FASTLY) (FASTLY) | |
8 | 4 |
ASN133042 (OBEC-AS-AP Office of the basic education commission, TH)
secondary.obec.go.th |
ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-218-217-134.deploy.static.akamaitechnologies.com
images-na.ssl-images-amazon.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
3 |
media-amazon.com
m.media-amazon.com — Cisco Umbrella Rank: 436 |
61 KB |
3 |
ssl-images-amazon.com
images-na.ssl-images-amazon.com — Cisco Umbrella Rank: 852 |
28 KB |
1 |
ibb.co
i.ibb.co — Cisco Umbrella Rank: 10139 |
4 KB |
1 |
obec.go.th
secondary.obec.go.th |
4 KB |
8 | 4 |
Domain | Requested by | |
---|---|---|
3 | m.media-amazon.com |
images-na.ssl-images-amazon.com
|
3 | images-na.ssl-images-amazon.com |
secondary.obec.go.th
|
1 | i.ibb.co |
secondary.obec.go.th
|
1 | secondary.obec.go.th | |
8 | 4 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
secondary.obec.go.th R3 |
2024-05-31 - 2024-08-29 |
3 months | crt.sh |
m.media-amazon.com DigiCert TLS RSA SHA256 2020 CA1 |
2023-08-29 - 2024-08-28 |
a year | crt.sh |
ibb.co R3 |
2024-04-22 - 2024-07-21 |
3 months | crt.sh |
images-na.ssl-images-amazon.com DigiCert Global CA G2 |
2024-03-18 - 2025-03-09 |
a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://secondary.obec.go.th/newweb/wp-admin/includes/front/
Frame ID: A7863C27DC49AA13454EC2E415198C2A
Requests: 8 HTTP requests in this frame
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
8 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
Primary Request
/
secondary.obec.go.th/newweb/wp-admin/includes/front/ |
4 KB 4 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
61Brdu0o6LL._RC%7C11Fd9tJOdtL.css,21y5jWQoUML.css,31Q3id-QR0L.css,31P8A7PnBZL.css_.css
images-na.ssl-images-amazon.com/images/I/ |
137 KB 20 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
01SdjaY0ZsL._RC%7C419sIPk+mYL.css,41yEFdgL45L.css_.css
images-na.ssl-images-amazon.com/images/I/ |
46 KB 7 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
11E08O3eXDL.css
images-na.ssl-images-amazon.com/images/I/ |
2 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
828028a4f4a84acabd1a94001a5c8a7c.jpg
i.ibb.co/1XvK992/ |
4 KB 4 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
AmazonUIBaseCSS-sprite_1x-c4a765aedd886dc04d89e7e93b6a02c59ecb7013._V2_.png
m.media-amazon.com/images/G/01/AUIClients/ |
27 KB 28 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
AmazonUIBaseCSS-amazonember_rg-cc7ebaa05a2cd3b02c0929ac0475a44ab30b7efa._V2_.woff2
m.media-amazon.com/images/G/01/AUIClients/ |
16 KB 17 KB |
Font
application/font-woff2 |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
AmazonUIBaseCSS-amazonember_bd-46b91bda68161c14e554a779643ef4957431987b._V2_.woff2
m.media-amazon.com/images/G/01/AUIClients/ |
16 KB 16 KB |
Font
application/font-woff2 |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Amazon (Online)3 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
undefined| event object| fence object| sharedStorage1 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
secondary.obec.go.th/ | Name: PHPSESSID Value: khceeql1jksott1iic0ab0g8oa |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
i.ibb.co
images-na.ssl-images-amazon.com
m.media-amazon.com
secondary.obec.go.th
104.194.8.120
151.101.129.16
202.29.173.3
23.218.217.134
122a38d736dd4b129af47e1d4f6d955d335f55256f2f231d8ccd1a58562cd381
4065b43ba3db8da5390ba0708555889f78e86483fe0226ef79ea22d07c306b89
437e95a363a4291060e34ba170e043274e0155821e9be374f35de3c4f13cbaa5
8c23ec3cf642a3bdb329d68c6038db8172b01fcad5270f36cf447235c2594ffa
8ff52030ae312e1688bd111f80d21dc533e457cdefd9cdf07722ec9f51de79bb
9d021be18c53ca0d51304debf94034495d7b6bb25bccc673e58fd715ae51ed46
cded49f94fc16dc0a14923975e159fbf4b14844593e612c1342c9e34e2f96821
ee09c6311fad39537f176558c3cf86246535d27f08b52248acc30d550a13804d