Submitted URL: https://korn.army2.mi.th/
Effective URL: https://korn.army2.mi.th/signin.php
Submission: On April 29 via api from US — Scanned from DE

Summary

This website contacted 5 IPs in 3 countries across 5 domains to perform 22 HTTP transactions. The main IP is 203.114.109.92, located in Thailand and belongs to TOT-NET TOT Public Company Limited, TH. The main domain is korn.army2.mi.th.
TLS certificate: Issued by R3 on April 29th 2024. Valid for: 3 months.
This is the only time korn.army2.mi.th was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests | IP Address | AS Autonomous System
16 | 203.114.109.92 | 23969 (TOT-NET T...)
1 | 2a00:1450:400... | 15169 (GOOGLE)
2 | 2606:4700::68... | 13335 (CLOUDFLAR...)
1 | 2a04:4e42:200... | 54113 (FASTLY)
2 | 2606:4700::68... | 13335 (CLOUDFLAR...)
22 5
Requests | Apex Domain | Subdomains | Transfer
16 | army2.mi.th | korn.army2.mi.th | 176 KB
2 | cloudflare.com | cdnjs.cloudflare.com — Cisco Umbrella Rank: 231 | 9 KB
2 | jsdelivr.net | cdn.jsdelivr.net — Cisco Umbrella Rank: 320 | 98 KB
1 | jquery.com | code.jquery.com — Cisco Umbrella Rank: 767 | 31 KB
1 | googleapis.com | fonts.googleapis.com — Cisco Umbrella Rank: 33 | 871 B
22 5
Requests | Domain | Requested by
16 | korn.army2.mi.th | korn.army2.mi.th
2 | cdnjs.cloudflare.com | korn.army2.mi.th
2 | cdn.jsdelivr.net | korn.army2.mi.th, cdn.jsdelivr.net
1 | code.jquery.com | korn.army2.mi.th
1 | fonts.googleapis.com | korn.army2.mi.th
22 5

This site contains no links.

Subject | Issuer | Validity | Valid
korn.army2.mi.th | R3 | 2024-04-29 - 2024-07-28 | 3 months
upload.video.google.com | GTS CA 1C3 | 2024-04-08 - 2024-07-01 | 3 months
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2023-05-02 - 2024-05-01 | a year
*.jquery.com | Sectigo RSA Domain Validation Secure Server CA | 2023-07-11 - 2024-07-14 | a year

This page contains 1 frames:

Primary Page: https://korn.army2.mi.th/signin.php
Frame ID: A76893659A807A81D22950F341337AD8
Requests: 22 HTTP requests in this frame

Page Title

Forever

Page URL History

  1. https://korn.army2.mi.th/ Page URL
  2. https://korn.army2.mi.th/signin.php Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • \.php(?:$|\?)

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • <link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
  • //cdn\.jsdelivr\.net/

Page Statistics

  • Requests: 22
  • HTTPS: 100 %
  • IPv6: 80 %
  • Domains: 5
  • Subdomains: 5
  • IPs: 5
  • Countries: 3
  • Transfer: 314 kB
  • Size: 911 kB
  • Cookies: 1

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://korn.army2.mi.th/ Page URL
  2. https://korn.army2.mi.th/signin.php Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

22 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
/
korn.army2.mi.th/
367 B
367 B
Document
General
Full URL
https://korn.army2.mi.th/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
203.114.109.92 , Thailand, ASN23969 (TOT-NET TOT Public Company Limited, TH),
Reverse DNS
Software
Apache /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

content-encoding
gzip
content-length
271
content-type
text/html; charset=UTF-8
date
Mon, 29 Apr 2024 11:32:26 GMT
server
Apache
vary
Accept-Encoding
Primary Request signin.php
korn.army2.mi.th/
8 KB
2 KB
Document
General
Full URL
https://korn.army2.mi.th/signin.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
203.114.109.92 , Thailand, ASN23969 (TOT-NET TOT Public Company Limited, TH),
Reverse DNS
Software
Apache /
Resource Hash
f0755bb19316cea9d1321fe8dad354f4ef3472c066f9898f776c9e63f43cb7ae

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://korn.army2.mi.th/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

cache-control
no-store, no-cache, must-revalidate
content-encoding
gzip
content-length
2369
content-type
text/html; charset=UTF-8
date
Mon, 29 Apr 2024 11:32:27 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
pragma
no-cache
server
Apache
vary
Accept-Encoding
favicon.ico
korn.army2.mi.th/
263 B
336 B
Other
General
Full URL
https://korn.army2.mi.th/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
203.114.109.92 , Thailand, ASN23969 (TOT-NET TOT Public Company Limited, TH),
Reverse DNS
Software
Apache /
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://korn.army2.mi.th/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 29 Apr 2024 11:32:27 GMT
server
Apache
content-length
263
content-type
text/html; charset=iso-8859-1
css2
fonts.googleapis.com/
1 KB
871 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Noto+Sans+Thai+Looped:wght@500&display=swap
Requested by
Host: korn.army2.mi.th
URL: https://korn.army2.mi.th/signin.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
bf4c086703c934e5ee4d1c1e3b19465050bb38bf8522fb4dc5ad7e3c4edf61b8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://korn.army2.mi.th/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Mon, 29 Apr 2024 11:32:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 29 Apr 2024 11:32:27 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 29 Apr 2024 11:32:27 GMT
bootstrap-icons.css
cdn.jsdelivr.net/npm/bootstrap-icons@1.5.0/font/
64 KB
9 KB
Stylesheet
General
Full URL
https://cdn.jsdelivr.net/npm/bootstrap-icons@1.5.0/font/bootstrap-icons.css
Requested by
Host: korn.army2.mi.th
URL: https://korn.army2.mi.th/signin.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:5714 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3c325075337b768950583012228055ae392e384688d77ec5235e6ca88dcec6ef
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://korn.army2.mi.th/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 29 Apr 2024 11:32:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
4046366
x-jsd-version
1.5.0
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230101-FRA, cache-lga21952-LGA
x-jsd-version-type
version
server
cloudflare
etag
W/"100a0-GGXd3Lt7Z9zvQlDlkMyalXSrpnM"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BXrAzQ%2B8k9xNL1FqdsHO2YV9ClodY52ouGNKv5FI%2F22yAwS0MiZNqrEXqELuBMBpGiYJsYmKkCYSh%2BgikCT8MKpOxaYQQnMqJ4yqtKZyiaWV%2Bm9O7LSLcV5i4SrBlUOQdi%2F3B%2BpApT6wtAiQlNY%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
87bef8b83fc83605-FRA
style.css
korn.army2.mi.th/assets/css/
269 KB
36 KB
Stylesheet
General
Full URL
https://korn.army2.mi.th/assets/css/style.css
Requested by
Host: korn.army2.mi.th
URL: https://korn.army2.mi.th/signin.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
203.114.109.92 , Thailand, ASN23969 (TOT-NET TOT Public Company Limited, TH),
Reverse DNS
Software
Apache /
Resource Hash
f476561e674312e05d744c21fed80bc3b6ab746dd54d5c019372df98a8b611f5

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://korn.army2.mi.th/signin.php
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 29 Apr 2024 11:32:27 GMT
content-encoding
gzip
last-modified
Mon, 29 Apr 2024 07:20:46 GMT
server
Apache
etag
"433ce-617371793528f-gzip"
vary
Accept-Encoding
content-type
text/css
accept-ranges
bytes
content-length
36550
jquery-3.6.1.min.js
code.jquery.com/
88 KB
31 KB
Script
General
Full URL
https://code.jquery.com/jquery-3.6.1.min.js
Requested by
Host: korn.army2.mi.th
URL: https://korn.army2.mi.th/signin.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
a3cf00c109d907e543bc4f6dbc85eb31068f94515251347e9e57509b52ee3d74

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://korn.army2.mi.th/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 29 Apr 2024 11:32:27 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
246537
x-cache
HIT, HIT
content-length
30957
x-served-by
cache-lga13629-LGA, cache-fra-eddf8230116-FRA
last-modified
Fri, 18 Oct 1991 12:00:00 GMT
server
nginx
x-timer
S1714390348.620195,VS0,VE0
etag
W/"28feccc0-15e40"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=604800
accept-ranges
bytes
x-cache-hits
2, 15407
sweetalert-dev.min.js
cdnjs.cloudflare.com/ajax/libs/sweetalert/1.1.3/
17 KB
6 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/sweetalert/1.1.3/sweetalert-dev.min.js
Requested by
Host: korn.army2.mi.th
URL: https://korn.army2.mi.th/signin.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6e3ee86f36113e0457a4381bfbf346c0fa3eef69cc4644a471045d4776631823
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://korn.army2.mi.th/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 29 Apr 2024 11:32:27 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
1521606
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
5010
last-modified
Mon, 04 May 2020 16:16:56 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ff8-45dd"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dxVggog2Y9GFWNvbp%2BmmG%2BtGFCrT4lwVfs6efqOf0wpsLj%2Bi7kP448RrgbVwUt%2BUiWcbh8ARLm9nPhQVJwUeKUb1gO4WBR6PG5D%2FJyQcbZho%2BkghorxRd2sxHudFvvPZzV4wMiXZEj5ZrxxyRe2Neraq"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
87bef8b8abdf6987-FRA
expires
Sat, 19 Apr 2025 11:32:27 GMT
sweetalert.min.css
cdnjs.cloudflare.com/ajax/libs/sweetalert/1.1.3/
16 KB
3 KB
Stylesheet
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/sweetalert/1.1.3/sweetalert.min.css
Requested by
Host: korn.army2.mi.th
URL: https://korn.army2.mi.th/signin.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8975187e46d59798ad7786c09051f99a330437995df6ddce1ef5d7dc853c5315
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://korn.army2.mi.th/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 29 Apr 2024 11:32:27 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
1003333
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
2728
last-modified
Mon, 04 May 2020 16:16:56 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ff8-41bc"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZED8RHsD%2FA8F6g7WGY0D%2B6rDuX%2BZwxXfHY3Wq99dkWPOBgy4uJ1MqoRfOGIHyixG9mYpo%2FLKv%2FteMWPq7zOzhuj1NQipil6J25tz%2FI4Ebkjy7KqEhUBNXozPUtUYsSaHvxmanPSCTmgAy%2F2sJuwhGI57"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
87bef8b8abe36987-FRA
expires
Sat, 19 Apr 2025 11:32:27 GMT
logo.png
korn.army2.mi.th/assets/img/
59 KB
60 KB
Image
General
Full URL
https://korn.army2.mi.th/assets/img/logo.png
Requested by
Host: korn.army2.mi.th
URL: https://korn.army2.mi.th/signin.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
203.114.109.92 , Thailand, ASN23969 (TOT-NET TOT Public Company Limited, TH),
Reverse DNS
Software
Apache /
Resource Hash
9a81ae8a5f5afadd9fddaadaa0291d0e982bd84a5ac826583233acf4c783f6b6

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://korn.army2.mi.th/signin.php
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 29 Apr 2024 11:32:27 GMT
last-modified
Mon, 29 Apr 2024 07:20:50 GMT
server
Apache
accept-ranges
bytes
etag
"ed8f-6173717d6a48f"
content-length
60815
content-type
image/png
jquery-3.3.1.min.js
korn.army2.mi.th/assets/js/
85 KB
30 KB
Script
General
Full URL
https://korn.army2.mi.th/assets/js/jquery-3.3.1.min.js
Requested by
Host: korn.army2.mi.th
URL: https://korn.army2.mi.th/signin.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
203.114.109.92 , Thailand, ASN23969 (TOT-NET TOT Public Company Limited, TH),
Reverse DNS
Software
Apache /
Resource Hash
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://korn.army2.mi.th/signin.php
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 29 Apr 2024 11:32:27 GMT
content-encoding
gzip
last-modified
Mon, 29 Apr 2024 07:20:53 GMT
server
Apache
etag
"1538f-6173717fd5698-gzip"
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
content-length
30307
popper.min.js
korn.army2.mi.th/assets/js/
21 KB
7 KB
Script
General
Full URL
https://korn.army2.mi.th/assets/js/popper.min.js
Requested by
Host: korn.army2.mi.th
URL: https://korn.army2.mi.th/signin.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
203.114.109.92 , Thailand, ASN23969 (TOT-NET TOT Public Company Limited, TH),
Reverse DNS
Software
Apache /
Resource Hash
66f3a07e1fa9b64a686b66381e4458dbc8abf3dbbff954720c4eec07b84411c2

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://korn.army2.mi.th/signin.php
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 29 Apr 2024 11:32:29 GMT
content-encoding
gzip
last-modified
Mon, 29 Apr 2024 07:20:53 GMT
server
Apache
etag
"520c-6173717ff8915-gzip"
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
content-length
7457
bootstrap.bundle.min.js
korn.army2.mi.th/assets/vendor/bootstrap-5/js/
77 KB
22 KB
Script
General
Full URL
https://korn.army2.mi.th/assets/vendor/bootstrap-5/js/bootstrap.bundle.min.js
Requested by
Host: korn.army2.mi.th
URL: https://korn.army2.mi.th/signin.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
203.114.109.92 , Thailand, ASN23969 (TOT-NET TOT Public Company Limited, TH),
Reverse DNS
Software
Apache /
Resource Hash
7e1f1503df765cca5e099891b94e318a2ef95081ba2af1eb6d417cc884bfdbfe

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://korn.army2.mi.th/signin.php
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 29 Apr 2024 11:32:29 GMT
content-encoding
gzip
last-modified
Mon, 29 Apr 2024 07:20:59 GMT
server
Apache
etag
"13397-617371853e25d-gzip"
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
content-length
22447
jquery.cookie.js
korn.army2.mi.th/assets/js/
3 KB
1 KB
Script
General
Full URL
https://korn.army2.mi.th/assets/js/jquery.cookie.js
Requested by
Host: korn.army2.mi.th
URL: https://korn.army2.mi.th/signin.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
203.114.109.92 , Thailand, ASN23969 (TOT-NET TOT Public Company Limited, TH),
Reverse DNS
Software
Apache /
Resource Hash
b84161c9fbf7520cd14e7019f92120bd87a928a074156e91a992eba9fc9436e8

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://korn.army2.mi.th/signin.php
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 29 Apr 2024 11:32:29 GMT
content-encoding
gzip
last-modified
Mon, 29 Apr 2024 07:20:53 GMT
server
Apache
etag
"c31-6173717fc9b19-gzip"
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
content-length
1365
main.js
korn.army2.mi.th/assets/js/
3 KB
990 B
Script
General
Full URL
https://korn.army2.mi.th/assets/js/main.js
Requested by
Host: korn.army2.mi.th
URL: https://korn.army2.mi.th/signin.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
203.114.109.92 , Thailand, ASN23969 (TOT-NET TOT Public Company Limited, TH),
Reverse DNS
Software
Apache /
Resource Hash
c9b25d4eed437bb65aa9c92190e20c90cc345c7da8150c9bf11b9fc7edc567d3

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://korn.army2.mi.th/signin.php
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 29 Apr 2024 11:32:29 GMT
content-encoding
gzip
last-modified
Mon, 29 Apr 2024 07:20:53 GMT
server
Apache
etag
"bec-6173717feae56-gzip"
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
content-length
936
color-scheme.js
korn.army2.mi.th/assets/js/
6 KB
1 KB
Script
General
Full URL
https://korn.army2.mi.th/assets/js/color-scheme.js
Requested by
Host: korn.army2.mi.th
URL: https://korn.army2.mi.th/signin.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
203.114.109.92 , Thailand, ASN23969 (TOT-NET TOT Public Company Limited, TH),
Reverse DNS
Software
Apache /
Resource Hash
d6fce226b0a83a025433bd9db045efb61c7a6db1a5a98df1174f9093a86cda4d

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://korn.army2.mi.th/signin.php
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 29 Apr 2024 11:32:29 GMT
content-encoding
gzip
last-modified
Mon, 29 Apr 2024 07:20:53 GMT
server
Apache
etag
"18fe-6173717f9fb3d-gzip"
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
content-length
1080
pwa-services.js
korn.army2.mi.th/assets/js/
820 B
454 B
Script
General
Full URL
https://korn.army2.mi.th/assets/js/pwa-services.js
Requested by
Host: korn.army2.mi.th
URL: https://korn.army2.mi.th/signin.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
203.114.109.92 , Thailand, ASN23969 (TOT-NET TOT Public Company Limited, TH),
Reverse DNS
Software
Apache /
Resource Hash
74744b0a28e44caff0080e8b26e38f99252f711626288c853c22f5bc5fb25863

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://korn.army2.mi.th/signin.php
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 29 Apr 2024 11:32:29 GMT
content-encoding
gzip
last-modified
Mon, 29 Apr 2024 07:20:53 GMT
server
Apache
etag
"334-617371800f073-gzip"
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
content-length
401
app.js
korn.army2.mi.th/assets/js/
34 KB
4 KB
Script
General
Full URL
https://korn.army2.mi.th/assets/js/app.js
Requested by
Host: korn.army2.mi.th
URL: https://korn.army2.mi.th/signin.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
203.114.109.92 , Thailand, ASN23969 (TOT-NET TOT Public Company Limited, TH),
Reverse DNS
Software
Apache /
Resource Hash
a21657a9956df3037cdc5bb65afe3217048a2a25f42dee76e757a9efcbdec603

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://korn.army2.mi.th/signin.php
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 29 Apr 2024 11:32:29 GMT
content-encoding
gzip
last-modified
Mon, 29 Apr 2024 07:20:53 GMT
server
Apache
etag
"87b4-6173717fa977c-gzip"
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
content-length
3925
logo.png
korn.army2.mi.th/assets/img/
59 KB
0
Image
General
Full URL
https://korn.army2.mi.th/assets/img/logo.png
Requested by
Host: korn.army2.mi.th
URL: https://korn.army2.mi.th/signin.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
203.114.109.92 , Thailand, ASN23969 (TOT-NET TOT Public Company Limited, TH),
Reverse DNS
Software
Apache /
Resource Hash
9a81ae8a5f5afadd9fddaadaa0291d0e982bd84a5ac826583233acf4c783f6b6

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://korn.army2.mi.th/signin.php
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 29 Apr 2024 11:32:27 GMT
last-modified
Mon, 29 Apr 2024 07:20:50 GMT
server
Apache
accept-ranges
bytes
etag
"ed8f-6173717d6a48f"
content-length
60815
content-type
image/png
bootstrap-icons.woff2
cdn.jsdelivr.net/npm/bootstrap-icons@1.5.0/font/fonts/
88 KB
89 KB
Font
General
Full URL
https://cdn.jsdelivr.net/npm/bootstrap-icons@1.5.0/font/fonts/bootstrap-icons.woff2?856008caa5eb66df68595e734e59580d
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/bootstrap-icons@1.5.0/font/bootstrap-icons.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:5714 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
76506e128f2b47b7179f5037bd885a1674455ffeb6b5093cdb4c7eefbf436ce8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://cdn.jsdelivr.net/npm/bootstrap-icons@1.5.0/font/bootstrap-icons.css
Origin
https://korn.army2.mi.th
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 29 Apr 2024 11:32:29 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
4037542
x-jsd-version
1.5.0
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
90528
x-served-by
cache-fra-eddf8230031-FRA, cache-lga21952-LGA
x-jsd-version-type
version
server
cloudflare
etag
W/"161a0-RkmHeGigBozlCxBdDSojXoAQyY8"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Z7ufCwq%2FzRbb1g33FNy4l6taEfWv5mWOqnQuWGFKAug%2FdX%2FyBRIrEiczwqEZ%2FVA5yJ9hNhFRQV9tpxbZc%2FauUTj81EABCFl%2Bf5TR8HfZPQIDQqpAOHFfBpC1Au1TPCdClqxwsQfqlFDRE9npkaw%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
cf-ray
87bef8c4fa453618-FRA
favicon32.png
korn.army2.mi.th/assets/img/
8 KB
8 KB
Other
General
Full URL
https://korn.army2.mi.th/assets/img/favicon32.png
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
203.114.109.92 , Thailand, ASN23969 (TOT-NET TOT Public Company Limited, TH),
Reverse DNS
Software
Apache /
Resource Hash
4da2b41e72da96164367fd109fc209e3f5be46988e1da2bfe501e0822ac1a1cf

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://korn.army2.mi.th/signin.php
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 29 Apr 2024 11:32:30 GMT
last-modified
Mon, 29 Apr 2024 07:20:49 GMT
server
Apache
accept-ranges
bytes
etag
"1e2b-6173717c176cd"
content-length
7723
content-type
image/png
favicon16.png
korn.army2.mi.th/assets/img/
3 KB
3 KB
Other
General
Full URL
https://korn.army2.mi.th/assets/img/favicon16.png
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
203.114.109.92 , Thailand, ASN23969 (TOT-NET TOT Public Company Limited, TH),
Reverse DNS
Software
Apache /
Resource Hash
51cad188e7f230776f61afd3e1e719f7ad26b7862a8ed96833dd6bece1b11aeb

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://korn.army2.mi.th/signin.php
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 29 Apr 2024 11:32:30 GMT
last-modified
Mon, 29 Apr 2024 07:20:49 GMT
server
Apache
accept-ranges
bytes
etag
"a9c-6173717bcb414"
content-length
2716
content-type
image/png

8 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  • function: $
  • function: jQuery
  • function: swal
  • function: sweetAlert
  • function: fncSubmit
  • function: Popper
  • number: uidEvent
  • object: bootstrap

1 Cookies

Domain/Path Name / Value
korn.army2.mi.th/ Name: PHPSESSID
Value: eo3nkuugblifkpuuocsug4rlj3

2 Console Messages

Source Level URL
Text
network error URL: https://korn.army2.mi.th/favicon.ico
Message:
Failed to load resource: the server responded with a status of 404 ()
recommendation verbose URL: https://korn.army2.mi.th/signin.php
Message:
[DOM] Input elements should have autocomplete attributes (suggested: "new-password"): (More info: https://goo.gl/9p2vKq) %o

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
