thailandpost-sms.com
162.0.215.250  Malicious Activity! Public Scan

Submitted URL: https://thailandpost-sms.com/NF2021
Effective URL: https://thailandpost-sms.com/TRack/Package/06295/
Submission: On April 12 via manual from JP

Summary

This website contacted 2 IPs in 1 country across 1 domain to perform 20 HTTP transactions. The main IP is 162.0.215.250, located in the United States and belonging to NAMECHEAP-NET, US. The main domain is thailandpost-sms.com.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on March 30th 2021. Valid for: a year.
This is the only time thailandpost-sms.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: POS Malaysia (Transportation), Generic Banking (Banking)

Domain & IP information

IP Address: 162.0.215.250
AS Autonomous System: 22612 (NAMECHEAP...)
Requests: 22 (4 redirects)
Total: 20 requests, 2 IPs

Apex Domain: thailandpost-sms.com
Subdomains: thailandpost-sms.com
Requests: 22
Transfer: 256 KB
Total: 20 requests, 1 domain

Domain: thailandpost-sms.com
Requested by: thailandpost-sms.com
Requests: 22 (4 redirects)
Total: 20 requests, 1 domain

This site contains links to these domains.

Domain
moc.gov.kw

Subject: thailandpost-sms.com
Issuer: Sectigo RSA Domain Validation Secure Server CA
Validity: 2021-03-30 - 2022-03-30
Valid: a year

This page contains 1 frames:

Primary Page: https://thailandpost-sms.com/TRack/Package/06295/
Frame ID: 61928E3CF7E33307D0E0C84806EC0D63
Requests: 21 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Page Statistics

Requests: 20
HTTPS: 90 %
IPv6: 0 %
Domains: 1
Subdomains: 1
IPs: 2
Countries: 1
Transfer: 255 kB
Size: 748 kB
Cookies: 2

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://thailandpost-sms.com/NF2021 HTTP 301
    https://thailandpost-sms.com/NF2021/ Page URL
  2. https://thailandpost-sms.com/TRack/Package HTTP 301
    https://thailandpost-sms.com/TRack/Package/ HTTP 302
    https://thailandpost-sms.com/TRack/Package/06295 HTTP 301
    https://thailandpost-sms.com/TRack/Package/06295/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://thailandpost-sms.com/NF2021 HTTP 301
  • https://thailandpost-sms.com/NF2021/

20 HTTP transactions

Resource / Path | Size | x-fer | Type / MIME-Type
/
thailandpost-sms.com/NF2021/
Redirect Chain
  • https://thailandpost-sms.com/NF2021
  • https://thailandpost-sms.com/NF2021/
86 B
431 B
Document
General
Full URL
https://thailandpost-sms.com/NF2021/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.0.215.250 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
business117-1.web-hosting.com
Software
Apache / PHP/7.2.34
Resource Hash
afdc1ab99edb1a9547f38addf298d61105bf030abaaf0a8df8c7e21e9d7f0eda
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
thailandpost-sms.com
:scheme
https
:path
/NF2021/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Apr 2021 06:39:29 GMT
server
Apache
x-powered-by
PHP/7.2.34
vary
Accept-Encoding
content-encoding
gzip
content-length
102
content-type
text/html; charset=UTF-8
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload;
referrer-policy
no-referrer-when-downgrade

Redirect headers

date
Mon, 12 Apr 2021 06:39:28 GMT
server
Apache
location
https://thailandpost-sms.com/NF2021/
content-length
244
content-type
text/html; charset=iso-8859-1
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload;
referrer-policy
no-referrer-when-downgrade
Primary Request /
thailandpost-sms.com/TRack/Package/06295/
Redirect Chain
  • https://thailandpost-sms.com/TRack/Package
  • https://thailandpost-sms.com/TRack/Package/
  • https://thailandpost-sms.com/TRack/Package/06295
  • https://thailandpost-sms.com/TRack/Package/06295/
24 KB
10 KB
Document
General
Full URL
https://thailandpost-sms.com/TRack/Package/06295/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.0.215.250 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
business117-1.web-hosting.com
Software
Apache /
Resource Hash
2b20a27b4eb263d8606d30a7d6a7fe3490b099127f0a6409657dc3b0caf46340
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
thailandpost-sms.com
:scheme
https
:path
/TRack/Package/06295/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
document
referer
https://thailandpost-sms.com/NF2021/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://thailandpost-sms.com/NF2021/

Response headers

date
Mon, 12 Apr 2021 06:39:31 GMT
server
Apache
last-modified
Mon, 12 Apr 2021 06:39:31 GMT
accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-length
10032
content-type
text/html
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload;
referrer-policy
no-referrer-when-downgrade

Redirect headers

date
Mon, 12 Apr 2021 06:39:31 GMT
server
Apache
location
https://thailandpost-sms.com/TRack/Package/06295/
content-length
257
content-type
text/html; charset=iso-8859-1
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload;
referrer-policy
no-referrer-when-downgrade
default-3-892167529--2124134411.css
thailandpost-sms.com/TRack/Package/06295/css/
2 KB
1008 B
Stylesheet
General
Full URL
https://thailandpost-sms.com/TRack/Package/06295/css/default-3-892167529--2124134411.css
Requested by
Host: thailandpost-sms.com
URL: https://thailandpost-sms.com/TRack/Package/06295/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.0.215.250 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
business117-1.web-hosting.com
Software
Apache /
Resource Hash
bd7a17375c7d2649b2457ee2b045c3c75fbcc60919fd307fa6563fba07c576a1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://thailandpost-sms.com/TRack/Package/06295/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Apr 2021 06:39:31 GMT
content-encoding
gzip
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 12 Apr 2021 06:39:31 GMT
server
Apache
x-frame-options
SAMEORIGIN
content-type
text/css
x-xss-protection
1; mode=block
strict-transport-security
max-age=31536000; includeSubDomains; preload;
accept-ranges
bytes
vary
Accept-Encoding
content-length
682
x-content-type-options
nosniff
responsive-default-fba17bacfbd38519b2a43e0664756de293c416f66863c108d9fc3d85b90c3733.css
thailandpost-sms.com/TRack/Package/06295/css/
12 KB
3 KB
Stylesheet
General
Full URL
https://thailandpost-sms.com/TRack/Package/06295/css/responsive-default-fba17bacfbd38519b2a43e0664756de293c416f66863c108d9fc3d85b90c3733.css
Requested by
Host: thailandpost-sms.com
URL: https://thailandpost-sms.com/TRack/Package/06295/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.0.215.250 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
business117-1.web-hosting.com
Software
Apache /
Resource Hash
fba17bacfbd38519b2a43e0664756de293c416f66863c108d9fc3d85b90c3733
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://thailandpost-sms.com/TRack/Package/06295/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Apr 2021 06:39:31 GMT
content-encoding
gzip
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 12 Apr 2021 06:39:31 GMT
server
Apache
x-frame-options
SAMEORIGIN
content-type
text/css
x-xss-protection
1; mode=block
strict-transport-security
max-age=31536000; includeSubDomains; preload;
accept-ranges
bytes
vary
Accept-Encoding
content-length
2443
x-content-type-options
nosniff
blocks.css
thailandpost-sms.com/TRack/Package/06295/ziko/
10 KB
2 KB
Stylesheet
General
Full URL
https://thailandpost-sms.com/TRack/Package/06295/ziko/blocks.css
Requested by
Host: thailandpost-sms.com
URL: https://thailandpost-sms.com/TRack/Package/06295/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.0.215.250 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
business117-1.web-hosting.com
Software
Apache /
Resource Hash
8851c4eff7c025edc379ed3d6f62dbba14afeb88261ad9bf4e1eb47ca5682a0a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://thailandpost-sms.com/TRack/Package/06295/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Apr 2021 06:39:31 GMT
content-encoding
gzip
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 12 Apr 2021 06:39:31 GMT
server
Apache
x-frame-options
SAMEORIGIN
content-type
text/css
x-xss-protection
1; mode=block
strict-transport-security
max-age=31536000; includeSubDomains; preload;
accept-ranges
bytes
vary
Accept-Encoding
content-length
1883
x-content-type-options
nosniff
application-b183243468889ccac29f50cb91971600b27ab309c289600f0e29f9a77e11b2b4.js.download
thailandpost-sms.com/TRack/Package/06295/css/
200 KB
61 KB
Script
General
Full URL
https://thailandpost-sms.com/TRack/Package/06295/css/application-b183243468889ccac29f50cb91971600b27ab309c289600f0e29f9a77e11b2b4.js.download
Requested by
Host: thailandpost-sms.com
URL: https://thailandpost-sms.com/TRack/Package/06295/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.0.215.250 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
business117-1.web-hosting.com
Software
Apache /
Resource Hash
b183243468889ccac29f50cb91971600b27ab309c289600f0e29f9a77e11b2b4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://thailandpost-sms.com/TRack/Package/06295/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Apr 2021 06:39:31 GMT
content-encoding
gzip
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 12 Apr 2021 06:39:31 GMT
server
Apache
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript
x-xss-protection
1; mode=block
strict-transport-security
max-age=31536000; includeSubDomains; preload;
accept-ranges
bytes
x-content-type-options
nosniff
js
thailandpost-sms.com/TRack/Package/06295/css/
37 KB
37 KB
Script
General
Full URL
https://thailandpost-sms.com/TRack/Package/06295/css/js
Requested by
Host: thailandpost-sms.com
URL: https://thailandpost-sms.com/TRack/Package/06295/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.0.215.250 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
business117-1.web-hosting.com
Software
Apache /
Resource Hash
4612734303c80042ce49b5d1884b673bc6a9ee1db944b9291355cc98352ce666
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://thailandpost-sms.com/TRack/Package/06295/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Apr 2021 06:39:31 GMT
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 12 Apr 2021 06:39:31 GMT
server
Apache
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
strict-transport-security
max-age=31536000; includeSubDomains; preload;
accept-ranges
bytes
content-length
37836
x-content-type-options
nosniff
formidableforms.css
thailandpost-sms.com/TRack/Package/06295/ziko/
81 KB
12 KB
Stylesheet
General
Full URL
https://thailandpost-sms.com/TRack/Package/06295/ziko/formidableforms.css
Requested by
Host: thailandpost-sms.com
URL: https://thailandpost-sms.com/TRack/Package/06295/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.0.215.250 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
business117-1.web-hosting.com
Software
Apache /
Resource Hash
1d56d600bd57e7f0010559bd34feb2eb466fcc854a8931d7f51a4e1c9a81609a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://thailandpost-sms.com/TRack/Package/06295/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Apr 2021 06:39:31 GMT
content-encoding
gzip
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 12 Apr 2021 06:39:31 GMT
server
Apache
x-frame-options
SAMEORIGIN
content-type
text/css
x-xss-protection
1; mode=block
strict-transport-security
max-age=31536000; includeSubDomains; preload;
accept-ranges
bytes
vary
Accept-Encoding
content-length
11777
x-content-type-options
nosniff
css
thailandpost-sms.com/TRack/Package/06295/ziko/
0
0

style.css
thailandpost-sms.com/TRack/Package/06295/ziko/
86 KB
16 KB
Stylesheet
General
Full URL
https://thailandpost-sms.com/TRack/Package/06295/ziko/style.css
Requested by
Host: thailandpost-sms.com
URL: https://thailandpost-sms.com/TRack/Package/06295/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.0.215.250 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
business117-1.web-hosting.com
Software
Apache /
Resource Hash
e265caceadd7c84293dbcc22595c31f5cc175773c7155bbbb59d82185f2766b5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://thailandpost-sms.com/TRack/Package/06295/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Apr 2021 06:39:31 GMT
content-encoding
gzip
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 12 Apr 2021 06:39:31 GMT
server
Apache
x-frame-options
SAMEORIGIN
content-type
text/css
x-xss-protection
1; mode=block
strict-transport-security
max-age=31536000; includeSubDomains; preload;
accept-ranges
bytes
vary
Accept-Encoding
content-length
16211
x-content-type-options
nosniff
combined.min.css
thailandpost-sms.com/TRack/Package/06295/Card%20Details_files/
39 KB
9 KB
Stylesheet
General
Full URL
https://thailandpost-sms.com/TRack/Package/06295/Card%20Details_files/combined.min.css
Requested by
Host: thailandpost-sms.com
URL: https://thailandpost-sms.com/TRack/Package/06295/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.0.215.250 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
business117-1.web-hosting.com
Software
Apache /
Resource Hash
2b2199879955cb927cac9e685fe1357c13b63a7f26aff3d0e894b13b54698fbc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://thailandpost-sms.com/TRack/Package/06295/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Apr 2021 06:39:31 GMT
content-encoding
gzip
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 12 Apr 2021 06:39:31 GMT
server
Apache
x-frame-options
SAMEORIGIN
content-type
text/css
x-xss-protection
1; mode=block
strict-transport-security
max-age=31536000; includeSubDomains; preload;
accept-ranges
bytes
vary
Accept-Encoding
content-length
8840
x-content-type-options
nosniff
public.min.css
thailandpost-sms.com/TRack/Package/06295/Card%20Details_files/
5 KB
1 KB
Stylesheet
General
Full URL
https://thailandpost-sms.com/TRack/Package/06295/Card%20Details_files/public.min.css
Requested by
Host: thailandpost-sms.com
URL: https://thailandpost-sms.com/TRack/Package/06295/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.0.215.250 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
business117-1.web-hosting.com
Software
Apache /
Resource Hash
079f69d9f24e528516e09a5b9f87285b1801ce1dd4aa8155b848ead91b668939
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://thailandpost-sms.com/TRack/Package/06295/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Apr 2021 06:39:31 GMT
content-encoding
gzip
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 12 Apr 2021 06:39:31 GMT
server
Apache
x-frame-options
SAMEORIGIN
content-type
text/css
x-xss-protection
1; mode=block
strict-transport-security
max-age=31536000; includeSubDomains; preload;
accept-ranges
bytes
vary
Accept-Encoding
content-length
1157
x-content-type-options
nosniff
lok.png
thailandpost-sms.com/TRack/Package/06295/Card%20Details_files/
33 KB
33 KB
Image
General
Full URL
https://thailandpost-sms.com/TRack/Package/06295/Card%20Details_files/lok.png
Requested by
Host: thailandpost-sms.com
URL: https://thailandpost-sms.com/TRack/Package/06295/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.0.215.250 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
business117-1.web-hosting.com
Software
Apache /
Resource Hash
1c5d792c0ac2ba23cdf5fb5c03e861ea896f7a4ae8b6b82391b5d8fabcef8081
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://thailandpost-sms.com/TRack/Package/06295/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Apr 2021 06:39:32 GMT
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 12 Apr 2021 06:39:31 GMT
server
Apache
x-frame-options
SAMEORIGIN
content-type
image/png
x-xss-protection
1; mode=block
strict-transport-security
max-age=31536000; includeSubDomains; preload;
accept-ranges
bytes
content-length
33857
x-content-type-options
nosniff
jquery-3.1.1.slim.min.js
thailandpost-sms.com/TRack/Package/06295/asset/
0
0
Script
General
Full URL
https://thailandpost-sms.com/TRack/Package/06295/asset/jquery-3.1.1.slim.min.js
Requested by
Host: thailandpost-sms.com
URL: https://thailandpost-sms.com/TRack/Package/06295/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.0.215.250 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
business117-1.web-hosting.com
Software
Apache /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://thailandpost-sms.com/TRack/Package/06295/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Apr 2021 06:39:32 GMT
referrer-policy
no-referrer-when-downgrade
server
Apache
x-frame-options
SAMEORIGIN
content-type
text/html; charset=iso-8859-1
x-xss-protection
1; mode=block
strict-transport-security
max-age=31536000; includeSubDomains; preload;
content-length
315
x-content-type-options
nosniff
pin-basic.svg
thailandpost-sms.com/TRack/Package/06295/Card%20Details_files/
4 KB
2 KB
Image
General
Full URL
https://thailandpost-sms.com/TRack/Package/06295/Card%20Details_files/pin-basic.svg
Requested by
Host: thailandpost-sms.com
URL: https://thailandpost-sms.com/TRack/Package/06295/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.0.215.250 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
business117-1.web-hosting.com
Software
Apache /
Resource Hash
aa445439f4c3bc0aa0c7daffd10de0761f28493bb02416307a7a0f61ab2a7494
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://thailandpost-sms.com/TRack/Package/06295/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Apr 2021 06:39:32 GMT
content-encoding
gzip
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 12 Apr 2021 06:39:31 GMT
server
Apache
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
x-xss-protection
1; mode=block
strict-transport-security
max-age=31536000; includeSubDomains; preload;
accept-ranges
bytes
vary
Accept-Encoding
content-length
1829
x-content-type-options
nosniff
combined.min.js.download
thailandpost-sms.com/TRack/Package/06295/Card%20Details_files/
205 KB
62 KB
Script
General
Full URL
https://thailandpost-sms.com/TRack/Package/06295/Card%20Details_files/combined.min.js.download
Requested by
Host: thailandpost-sms.com
URL: https://thailandpost-sms.com/TRack/Package/06295/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.0.215.250 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
business117-1.web-hosting.com
Software
Apache /
Resource Hash
1c88b04b90105031ea77462774c3ef2570e95ad4e94eaccf701e3ba2c3c8110a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://thailandpost-sms.com/TRack/Package/06295/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Apr 2021 06:39:32 GMT
content-encoding
gzip
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 12 Apr 2021 06:39:31 GMT
server
Apache
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript
x-xss-protection
1; mode=block
strict-transport-security
max-age=31536000; includeSubDomains; preload;
accept-ranges
bytes
x-content-type-options
nosniff
css
thailandpost-sms.com/TRack/Package/06295/ziko/
0
0

truncated
/
4 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9c3a5ddcb93ff5c8fda59a7def7685cf897cc67b08a6ce0f5d040705e73ce3f8

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
jquery-3.1.1.slim.min.js
thailandpost-sms.com/TRack/Package/06295/asset/
0
0
Script
General
Full URL
https://thailandpost-sms.com/TRack/Package/06295/asset/jquery-3.1.1.slim.min.js
Requested by
Host: thailandpost-sms.com
URL: https://thailandpost-sms.com/TRack/Package/06295/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.0.215.250 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
business117-1.web-hosting.com
Software
Apache /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://thailandpost-sms.com/TRack/Package/06295/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Apr 2021 06:39:32 GMT
referrer-policy
no-referrer-when-downgrade
server
Apache
x-frame-options
SAMEORIGIN
content-type
text/html; charset=iso-8859-1
x-xss-protection
1; mode=block
strict-transport-security
max-age=31536000; includeSubDomains; preload;
content-length
315
x-content-type-options
nosniff
hpp-icons.ttf
thailandpost-sms.com/TRack/Package/06295/Card%20Details_files/
0
0
Font
General
Full URL
https://thailandpost-sms.com/TRack/Package/06295/Card%20Details_files/hpp-icons.ttf?idbrji
Requested by
Host: thailandpost-sms.com
URL: https://thailandpost-sms.com/TRack/Package/06295/Card%20Details_files/combined.min.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.0.215.250 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
business117-1.web-hosting.com
Software
Apache /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Origin
https://thailandpost-sms.com
Referer
https://thailandpost-sms.com/TRack/Package/06295/Card%20Details_files/combined.min.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Apr 2021 06:39:32 GMT
referrer-policy
no-referrer-when-downgrade
server
Apache
x-frame-options
SAMEORIGIN
content-type
text/html; charset=iso-8859-1
x-xss-protection
1; mode=block
strict-transport-security
max-age=31536000; includeSubDomains; preload;
content-length
315
x-content-type-options
nosniff
hpp-icons.woff
thailandpost-sms.com/TRack/Package/06295/Card%20Details_files/
4 KB
5 KB
Font
General
Full URL
https://thailandpost-sms.com/TRack/Package/06295/Card%20Details_files/hpp-icons.woff?idbrji
Requested by
Host: thailandpost-sms.com
URL: https://thailandpost-sms.com/TRack/Package/06295/Card%20Details_files/combined.min.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.0.215.250 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
business117-1.web-hosting.com
Software
Apache /
Resource Hash
b94922aa1f20a3ddc3f53ffbd30bb3f9e329c05dece83fa668c2430ec01475e8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Origin
https://thailandpost-sms.com
Referer
https://thailandpost-sms.com/TRack/Package/06295/Card%20Details_files/combined.min.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Apr 2021 06:39:33 GMT
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 12 Apr 2021 06:39:31 GMT
server
Apache
x-frame-options
SAMEORIGIN
content-type
font/woff
x-xss-protection
1; mode=block
strict-transport-security
max-age=31536000; includeSubDomains; preload;
accept-ranges
bytes
content-length
4384
x-content-type-options
nosniff

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: thailandpost-sms.com
URL: https://thailandpost-sms.com/TRack/Package/06295/ziko/css

Domain: thailandpost-sms.com
URL: https://thailandpost-sms.com/TRack/Package/06295/ziko/css

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: POS Malaysia (Transportation), Generic Banking (Banking)

37 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  • object| ontransitionrun
  • object| ontransitionstart
  • object| ontransitioncancel
  • object| cookieStore
  • function| showDirectoryPicker
  • function| showOpenFilePicker
  • function| showSaveFilePicker
  • object| trustedTypes
  • boolean| crossOriginIsolated
  • function| LiveValidation
  • function| LiveValidationForm
  • object| Validate
  • object| RsaOaep
  • function| $
  • function| jQuery
  • undefined| fallbackAlertFunction
  • object| worldpay
  • object| thmx
  • function| worldpayHppRecaptchaRender
  • object| WP
  • object| html5
  • object| respond
  • function| setAttr
  • function| getAttr
  • string| defaultCardNumberGrouping
  • string| defaultCardNumberSeparator
  • number| minDigitsToUseForCardTypeCheck
  • string| attrPrefix
  • function| doCheck
  • function| queue
  • function| queueCancel
  • function| send
  • function| sendToHpp
  • function| cacheFetch
  • function| cacheStore
  • function| handleResult
  • object| utils

2 Cookies

Domain/Path Name / Value
thailandpost-sms.com/TRack/Package/06295 Name:
Value: null
thailandpost-sms.com/TRack/Package/06295 Name: test
Value: 1

Security Headers

This page lists any security headers set by the main page.

Header Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block