rmutcon2018.rmutsv.ac.th
Open in
urlscan Pro
203.158.177.130
Malicious Activity!
Public Scan
Submission: On October 26 via api from US
Summary
This is the only time rmutcon2018.rmutsv.ac.th was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Banco Itau (Banking)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
8 | 203.158.177.130 203.158.177.130 | 45575 (RMUTSV-AS...) (RMUTSV-AS-AP Rajamangala University of Technology Srivijaya) | |
8 | 1 |
ASN45575 (RMUTSV-AS-AP Rajamangala University of Technology Srivijaya, TH)
rmutcon2018.rmutsv.ac.th |
Apex Domain Subdomains |
Transfer | |
---|---|---|
8 |
rmutsv.ac.th
rmutcon2018.rmutsv.ac.th |
57 KB |
8 | 1 |
Domain | Requested by | |
---|---|---|
8 | rmutcon2018.rmutsv.ac.th |
rmutcon2018.rmutsv.ac.th
|
8 | 1 |
This site contains no links.
Subject Issuer | Validity | Valid |
---|
This page contains 1 frames:
Primary Page:
http://rmutcon2018.rmutsv.ac.th/inter/document/2020/promocao.php
Frame ID: 62019F70529875DA8252C9C9330365EA
Requests: 8 HTTP requests in this frame
Screenshot
Detected technologies
PHP (Programming Languages) ExpandDetected patterns
- url /\.php(?:$|\?)/i
Debian (Operating Systems) Expand
Detected patterns
- headers server /Debian/i
Apache (Web Servers) Expand
Detected patterns
- headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i
jQuery (JavaScript Libraries) Expand
Detected patterns
- script /jquery[.-]([\d.]*\d)[^/]*\.js/i
- script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
8 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
Primary Request
promocao.php
rmutcon2018.rmutsv.ac.th/inter/document/2020/ |
3 KB 1 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
jquery-3.js
rmutcon2018.rmutsv.ac.th/inter/document/2020/promocao_arquivos/ |
85 KB 30 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
jquery.js
rmutcon2018.rmutsv.ac.th/inter/document/2020/promocao_arquivos/ |
5 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
cad_promo_scripts.js
rmutcon2018.rmutsv.ac.th/inter/document/2020/promocao_arquivos/ |
4 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
cad_promo_style.css
rmutcon2018.rmutsv.ac.th/inter/document/2020/promocao_arquivos/ |
4 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
img_logo.png
rmutcon2018.rmutsv.ac.th/inter/document/2020/promocao_arquivos/ |
3 KB 4 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
img_card_cvv.png
rmutcon2018.rmutsv.ac.th/inter/document/2020/promocao_arquivos/ |
9 KB 9 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
ic_help_cvv.html
rmutcon2018.rmutsv.ac.th/inter/document/2020/imagenss/ |
9 KB 9 KB |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Banco Itau (Banking)6 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| trustedTypes function| $ function| jQuery function| validatefrmcad function| conterror function| validateckfrm0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
rmutcon2018.rmutsv.ac.th
203.158.177.130
47dcffe92172b4e92928fe5660d916143f21c85e59fe22e8fd81bc2490d60cba
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
a8f1348836f7de077732c927fcfc7eaf2fcb82202b4323fba31aaa3b9881ae42
b0a024c37059b49943a42ede1abaa432aa6284eed892f973d317e044637f6114
ce63f786a482c5eaa4bb2c7eb8e2d3ba73faff151ac0c000181affc197b8332c
dc4278363fd3946c65ab1a342ed6ff956b47bb8b8520044455257c39129e92aa
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f830833b6661d5fb63e23d3d245e91edc7c52aa547ca19eca7c91c7570483975