s3.amazonaws.com Open in urlscan Pro
52.216.138.213 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://kpi-offscan.kpi.ac.th/elib/cgi-bin/opacexe.exe?op=redir&lang=0&db=Main&pat=%A1%D2%C3%C1%D5%CA%E8%C7%B9%C3%E8%C7%C1&cat...
Effective URL:
https://s3.amazonaws.com/appforest_uf/f1675410183289x493150013893848700/OWA098765REDFGHJKOIJHGFDERTYUJKMNBVCFJNBVFJKJUYTR...
Submission Tags: falconsandbox
Submission: On February 16 via api (February 16th 2023, 8:31:32 pm UTC) from US — Scanned from DE

Summary HTTP 11 Redirects Behaviour Indicators

Summary

This website contacted 5 IPs in 3 countries across 4 domains to perform 11 HTTP transactions. The main IP is 52.216.138.213, located in Ashburn, United States and belongs to AMAZON-02, US. The main domain is s3.amazonaws.com.
TLS certificate: Issued by Amazon RSA 2048 M01 on December 6th 2022. Valid for: a year.

This is the only time s3.amazonaws.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	203.114.109.142 203.114.109.142	23969 (TOT-NET T...) (TOT-NET TOT Public Company Limited)
4	52.216.138.213 52.216.138.213	16509 (AMAZON-02) (AMAZON-02)
3	162.213.255.79 162.213.255.79	22612 (NAMECHEAP...) (NAMECHEAP-NET)
1	51.195.48.67 51.195.48.67	16276 (OVH) (OVH)
11	5

1 203.114.109.142 (Thailand)

ASN23969 (TOT-NET TOT Public Company Limited, TH)

kpi-offscan.kpi.ac.th	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.216.138.213 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1.amazonaws.com

s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 162.213.255.79 (United States)

ASN22612 (NAMECHEAP-NET, US)
PTR: server283-1.web-hosting.com

les.abbeyhlli-int.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.195.48.67 (France)

ASN16276 (OVH, FR)
PTR: ip67.ip-51-195-48.eu

cluster3.adfs.ovh.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
4	amazonaws.com s3.amazonaws.com	56 KB
3	abbeyhlli-int.com les.abbeyhlli-int.com Failed	13 KB
1	ovh.net cluster3.adfs.ovh.net	10 KB
1	kpi.ac.th kpi-offscan.kpi.ac.th	386 B
11	4

	Domain	Requested by
4	s3.amazonaws.com	s3.amazonaws.com les.abbeyhlli-int.com
3	les.abbeyhlli-int.com	s3.amazonaws.com les.abbeyhlli-int.com
1	cluster3.adfs.ovh.net	s3.amazonaws.com
1	kpi-offscan.kpi.ac.th
11	4

This site contains no links.

Subject Issuer	Validity	Valid
s3.amazonaws.com Amazon RSA 2048 M01	`2022-12-06` - `2023-12-05`	a year	crt.sh
cluster3.adfs.ovh.net Sectigo RSA Domain Validation Secure Server CA	`2022-05-24` - `2023-05-24`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://s3.amazonaws.com/appforest_uf/f1675410183289x493150013893848700/OWA098765REDFGHJKOIJHGFDERTYUJKMNBVCFJNBVFJKJUYTRFDCVBJUYTRFDCVBJUYTRDFRTYJNBVFJKIUYTRDCVBJKIUYTRDFHJKIUYTREDFJKIUYTRDFHJKUYTRFDFGHJNBVCFDHJKJUYTRFDCVBNJGFDSDTYHBVFJ.html?alt=media&token=eceadc54-a951-44b8-ae51-18aaf8c8e92f&XY1j66LN6G69wvfcMFIJlbKxQhbsxYf75L7rkVSF1z1j9hIqWmoiKY4L6kj18BOoZb54oGDgjV6WSpkViyfp4neW6IoWBNsyO0XU=CbouepVMAY9OkAlfM8HMCcXfxCF0QgkKdjFCG1kJduNbQTL1GZXd0ZxIyITMj2gcUEzVqnXjIYJzSAc0ADPAJQ8LEYnyycimzhEZsusftUCFL6iC7JFO9KAbStctXve50SloezajB3OH5wcxhVFLld&email=kentaka@nichiiko.co.jp&IZOldQPyf8IFTJpORwHyhW3PWQ08SDxLlO7qMmrPHLv5JURuUDfyoddTjVzVAFDukq8G4ihFV8dij1cmpFs2KmaMjoU0K52BxgDr
Frame ID: 90948FC4D1E8CF464DBEBA868CAA244D
Requests: 14 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Sign In

Page URL History Show full URLs

http://kpi-offscan.kpi.ac.th/elib/cgi-bin/opacexe.exe?op=redir&lang=0&db=Main&pat=%A1%D2%C3%C1%D5%CA%E8%C... Page URL
https://s3.amazonaws.com/appforest_uf/f1675615245021x188597381800609020/indexxxx.html?KsLQt3t5wFDEYIf... Page URL
http://les.abbeyhlli-int.com/6ynyuetNbfgcCp1699oU?alt=media&token=eceadc54-a951-44b8-ae51-18aaf8c8e92f&cI... Page URL
https://s3.amazonaws.com/appforest_uf/f1675410183289x493150013893848700/OWA098765REDFGHJKOIJHGFDERTYU... Page URL

Page Statistics

11
Requests

45 %
HTTPS

0 %
IPv6

4
Domains

4
Subdomains

5
IPs

3
Countries

79 kB
Transfer

106 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://kpi-offscan.kpi.ac.th/elib/cgi-bin/opacexe.exe?op=redir&lang=0&db=Main&pat=%A1%D2%C3%C1%D5%CA%E8%C7%B9%C3%E8%C7%C1&cat=sub&skin=u&lpp=20&catop&scid=zzz&bid=1115&u=https%3A%2F%2Fs3.amazonaws.com%2Fappforest_uf%2Ff1675615245021x188597381800609020%2Findexxxx.html%3FKsLQt3t5wFDEYIf%3Da2VudGFrYUBuaWNoaWlrby5jby5qcA%3D%3D%26 Page URL
https://s3.amazonaws.com/appforest_uf/f1675615245021x188597381800609020/indexxxx.html?KsLQt3t5wFDEYIf=a2VudGFrYUBuaWNoaWlrby5jby5qcA==& Page URL
http://les.abbeyhlli-int.com/6ynyuetNbfgcCp1699oU?alt=media&token=eceadc54-a951-44b8-ae51-18aaf8c8e92f&cICIDRIg6fib0grm8WbXx52vLaJ9bQA5WjabdRMieJIR1Je1AMaa7xe9ffLABg3OSpq1ysnZK2TDEVxO4LAuyWUuZ2CVYRd3gVk6=swlEcwVCdfQhShzRDU7KwuMKhT4jq2yGf3fybU6gHjJNtzcg0pIQHmwu22w2xNLn5RCG13uTR45elrZwTCxrNG5NQa7HBLbYZ4HbgYih0je7IwAyR5n4MQUx4EJyMRqAVwUt48myzc2ILXzm50TaJ3&email=a2VudGFrYUBuaWNoaWlrby5jby5qcA==&vTB638AB1Tcdd9A5FhnfY0iFzmG1uSbBLJM9QqFmjbWCga020DAYh5HMH4tds9O2Qs1Rr0nanc2WPBvTEgQarBIyrU7txO2aXZIU Page URL
https://s3.amazonaws.com/appforest_uf/f1675410183289x493150013893848700/OWA098765REDFGHJKOIJHGFDERTYUJKMNBVCFJNBVFJKJUYTRFDCVBJUYTRFDCVBJUYTRDFRTYJNBVFJKIUYTRDCVBJKIUYTRDFHJKIUYTREDFJKIUYTRDFHJKUYTRFDFGHJNBVCFDHJKJUYTRFDCVBNJGFDSDTYHBVFJ.html?alt=media&token=eceadc54-a951-44b8-ae51-18aaf8c8e92f&XY1j66LN6G69wvfcMFIJlbKxQhbsxYf75L7rkVSF1z1j9hIqWmoiKY4L6kj18BOoZb54oGDgjV6WSpkViyfp4neW6IoWBNsyO0XU=CbouepVMAY9OkAlfM8HMCcXfxCF0QgkKdjFCG1kJduNbQTL1GZXd0ZxIyITMj2gcUEzVqnXjIYJzSAc0ADPAJQ8LEYnyycimzhEZsusftUCFL6iC7JFO9KAbStctXve50SloezajB3OH5wcxhVFLld&email=kentaka@nichiiko.co.jp&IZOldQPyf8IFTJpORwHyhW3PWQ08SDxLlO7qMmrPHLv5JURuUDfyoddTjVzVAFDukq8G4ihFV8dij1cmpFs2KmaMjoU0K52BxgDr Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

11 HTTP transactions
3 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	opacexe.exe kpi-offscan.kpi.ac.th/elib/cgi-bin/	197 B 386 B	1286ms 732ms	Document text/html	203.114.109.142 TOT-NET TOT Publi...
General Check archive.org Show headers Download Go to Full URL http://kpi-offscan.kpi.ac.th/elib/cgi-bin/opacexe.exe?op=redir&lang=0&db=Main&pat=%A1%D2%C3%C1%D5%CA%E8%C7%B9%C3%E8%C7%C1&cat=sub&skin=u&lpp=20&catop&scid=zzz&bid=1115&u=https%3A%2F%2Fs3.amazonaws.com%2Fappforest_uf%2Ff1675615245021x188597381800609020%2Findexxxx.html%3FKsLQt3t5wFDEYIf%3Da2VudGFrYUBuaWNoaWlrby5jby5qcA%3D%3D%26 Protocol HTTP/1.1 Server 203.114.109.142 , Thailand, ASN23969 (TOT-NET TOT Public Company Limited, TH), Reverse DNS Software Microsoft-IIS/7.0 / ASP.NET Resource Hash Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers Connection close Content-Length 197 Content-Type text/html Date Thu, 16 Feb 2023 20:31:28 GMT Pragma no-cache Server Microsoft-IIS/7.0 X-Powered-By ASP.NET
GET H/1.1	200 OK	indexxxx.html s3.amazonaws.com/appforest_uf/f1675615245021x188597381800609020/	13 KB 13 KB	420ms 140ms	Document text/html	52.216.138.213 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://s3.amazonaws.com/appforest_uf/f1675615245021x188597381800609020/indexxxx.html?KsLQt3t5wFDEYIf=a2VudGFrYUBuaWNoaWlrby5jby5qcA==& Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.216.138.213 Ashburn, United States, ASN16509 (AMAZON-02, US), Reverse DNS s3-1.amazonaws.com Software AmazonS3 / Resource Hash Request headers Referer http://kpi-offscan.kpi.ac.th/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers Accept-Ranges bytes Cache-Control public,max-age=86400 Content-Length 12965 Content-Type text/html Date Thu, 16 Feb 2023 20:31:28 GMT ETag "ee6c5e72a3f4b13cbcd9a38bb071cc46" Last-Modified Sun, 05 Feb 2023 16:40:46 GMT Server AmazonS3 x-amz-id-2 s0zGm4qnby2QX+7WCkByKqJQHuZ3QmwYTbKyt8apPP2otneStmJJubQafbsj/Vpodwqb7xejveo= x-amz-meta-app-version test x-amz-meta-appname outlook-98765456789765-09 x-amz-request-id XQ9YBH6J5FYFNQNK x-amz-server-side-encryption AES256 x-amz-version-id AO.6N6K9U574UWtuQf6WTGRNTAHEy1ho
GET H/1.1	404 Not Found	server_misconfigured.png s3.amazonaws.com/img-sys/	297 B 297 B	104ms 104ms	Image application/xml	52.216.138.213 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://s3.amazonaws.com/img-sys/server_misconfigured.png Requested by Host: s3.amazonaws.com URL: https://s3.amazonaws.com/appforest_uf/f1675615245021x188597381800609020/indexxxx.html?KsLQt3t5wFDEYIf=a2VudGFrYUBuaWNoaWlrby5jby5qcA==& Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.216.138.213 Ashburn, United States, ASN16509 (AMAZON-02, US), Reverse DNS s3-1.amazonaws.com Software AmazonS3 / Resource Hash Request headers accept-language de-DE,de;q=0.9 Referer https://s3.amazonaws.com/appforest_uf/f1675615245021x188597381800609020/indexxxx.html?KsLQt3t5wFDEYIf=a2VudGFrYUBuaWNoaWlrby5jby5qcA==& User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers Date Thu, 16 Feb 2023 20:31:26 GMT Server AmazonS3 x-amz-request-id XQ9GQ027B1VHCRKC x-amz-id-2 X5Th5OupyMjVZvPyORe5HqhF4er0fOPZMUqm3j9fnIJDHyG4PZPN9pQw+gtvkLs12KwhyntMqIg= Transfer-Encoding chunked Content-Type application/xml
GET H/1.1	404 Not Found	powered_by_cpanel.svg s3.amazonaws.com/img-sys/	297 B 297 B	207ms 102ms	Image application/xml	52.216.138.213 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://s3.amazonaws.com/img-sys/powered_by_cpanel.svg Requested by Host: s3.amazonaws.com URL: https://s3.amazonaws.com/appforest_uf/f1675615245021x188597381800609020/indexxxx.html?KsLQt3t5wFDEYIf=a2VudGFrYUBuaWNoaWlrby5jby5qcA==& Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.216.138.213 Ashburn, United States, ASN16509 (AMAZON-02, US), Reverse DNS s3-1.amazonaws.com Software AmazonS3 / Resource Hash Request headers accept-language de-DE,de;q=0.9 Referer https://s3.amazonaws.com/appforest_uf/f1675615245021x188597381800609020/indexxxx.html?KsLQt3t5wFDEYIf=a2VudGFrYUBuaWNoaWlrby5jby5qcA==& User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers Date Thu, 16 Feb 2023 20:31:26 GMT Server AmazonS3 x-amz-request-id XQ9J5Y96NNFPES09 x-amz-id-2 d6lIgwo7XuokEnUIkPIp51qu2m1C/7JrMdAjaV9UMTPEnA5wvwKXhJGL7vsd17QCxYOc7XegZpE= Transfer-Encoding chunked Content-Type application/xml
GET		6ynyuetNbfgcCp1699oU les.abbeyhlli-int.com/	0 0

GET H/1.1	404 Not Found	6ynyuetNbfgcCp1699oU les.abbeyhlli-int.com/	12 KB 6 KB	555ms 182ms	Document text/html	162.213.255.79 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Full URL http://les.abbeyhlli-int.com/6ynyuetNbfgcCp1699oU?alt=media&token=eceadc54-a951-44b8-ae51-18aaf8c8e92f&cICIDRIg6fib0grm8WbXx52vLaJ9bQA5WjabdRMieJIR1Je1AMaa7xe9ffLABg3OSpq1ysnZK2TDEVxO4LAuyWUuZ2CVYRd3gVk6=swlEcwVCdfQhShzRDU7KwuMKhT4jq2yGf3fybU6gHjJNtzcg0pIQHmwu22w2xNLn5RCG13uTR45elrZwTCxrNG5NQa7HBLbYZ4HbgYih0je7IwAyR5n4MQUx4EJyMRqAVwUt48myzc2ILXzm50TaJ3&email=a2VudGFrYUBuaWNoaWlrby5jby5qcA==&vTB638AB1Tcdd9A5FhnfY0iFzmG1uSbBLJM9QqFmjbWCga020DAYh5HMH4tds9O2Qs1Rr0nanc2WPBvTEgQarBIyrU7txO2aXZIU Requested by Host: s3.amazonaws.com URL: https://s3.amazonaws.com/appforest_uf/f1675615245021x188597381800609020/indexxxx.html?KsLQt3t5wFDEYIf=a2VudGFrYUBuaWNoaWlrby5jby5qcA==& Protocol HTTP/1.1 Server 162.213.255.79 , United States, ASN22612 (NAMECHEAP-NET, US), Reverse DNS server283-1.web-hosting.com Software LiteSpeed / Resource Hash Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers content-encoding gzip content-type text/html date Thu, 16 Feb 2023 20:31:27 GMT keep-alive timeout=5, max=100 server LiteSpeed transfer-encoding chunked vary Accept-Encoding x-turbo-charged-by LiteSpeed
GET H/1.1	200 OK	server_misconfigured.png les.abbeyhlli-int.com/img-sys/	3 KB 3 KB	261ms 260ms	Image image/png	162.213.255.79 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Show image Full URL http://les.abbeyhlli-int.com/img-sys/server_misconfigured.png Requested by Host: les.abbeyhlli-int.com URL: http://les.abbeyhlli-int.com/6ynyuetNbfgcCp1699oU?alt=media&token=eceadc54-a951-44b8-ae51-18aaf8c8e92f&cICIDRIg6fib0grm8WbXx52vLaJ9bQA5WjabdRMieJIR1Je1AMaa7xe9ffLABg3OSpq1ysnZK2TDEVxO4LAuyWUuZ2CVYRd3gVk6=swlEcwVCdfQhShzRDU7KwuMKhT4jq2yGf3fybU6gHjJNtzcg0pIQHmwu22w2xNLn5RCG13uTR45elrZwTCxrNG5NQa7HBLbYZ4HbgYih0je7IwAyR5n4MQUx4EJyMRqAVwUt48myzc2ILXzm50TaJ3&email=a2VudGFrYUBuaWNoaWlrby5jby5qcA==&vTB638AB1Tcdd9A5FhnfY0iFzmG1uSbBLJM9QqFmjbWCga020DAYh5HMH4tds9O2Qs1Rr0nanc2WPBvTEgQarBIyrU7txO2aXZIU Protocol HTTP/1.1 Server 162.213.255.79 , United States, ASN22612 (NAMECHEAP-NET, US), Reverse DNS server283-1.web-hosting.com Software LiteSpeed / Resource Hash Request headers accept-language de-DE,de;q=0.9 Referer http://les.abbeyhlli-int.com/6ynyuetNbfgcCp1699oU?alt=media&token=eceadc54-a951-44b8-ae51-18aaf8c8e92f&cICIDRIg6fib0grm8WbXx52vLaJ9bQA5WjabdRMieJIR1Je1AMaa7xe9ffLABg3OSpq1ysnZK2TDEVxO4LAuyWUuZ2CVYRd3gVk6=swlEcwVCdfQhShzRDU7KwuMKhT4jq2yGf3fybU6gHjJNtzcg0pIQHmwu22w2xNLn5RCG13uTR45elrZwTCxrNG5NQa7HBLbYZ4HbgYih0je7IwAyR5n4MQUx4EJyMRqAVwUt48myzc2ILXzm50TaJ3&email=a2VudGFrYUBuaWNoaWlrby5jby5qcA==&vTB638AB1Tcdd9A5FhnfY0iFzmG1uSbBLJM9QqFmjbWCga020DAYh5HMH4tds9O2Qs1Rr0nanc2WPBvTEgQarBIyrU7txO2aXZIU User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers date Thu, 16 Feb 2023 20:31:27 GMT last-modified Tue, 28 Oct 2014 01:09:05 GMT server LiteSpeed content-type image/png cache-control public, max-age=604800 x-turbo-charged-by LiteSpeed accept-ranges bytes keep-alive timeout=5, max=100 content-length 3164 expires Thu, 23 Feb 2023 20:31:27 GMT
GET H/1.1	200 OK	powered_by_cpanel.svg les.abbeyhlli-int.com/img-sys/	5 KB 3 KB	261ms 261ms	Image image/svg+xml	162.213.255.79 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Show image Full URL http://les.abbeyhlli-int.com/img-sys/powered_by_cpanel.svg Requested by Host: les.abbeyhlli-int.com URL: http://les.abbeyhlli-int.com/6ynyuetNbfgcCp1699oU?alt=media&token=eceadc54-a951-44b8-ae51-18aaf8c8e92f&cICIDRIg6fib0grm8WbXx52vLaJ9bQA5WjabdRMieJIR1Je1AMaa7xe9ffLABg3OSpq1ysnZK2TDEVxO4LAuyWUuZ2CVYRd3gVk6=swlEcwVCdfQhShzRDU7KwuMKhT4jq2yGf3fybU6gHjJNtzcg0pIQHmwu22w2xNLn5RCG13uTR45elrZwTCxrNG5NQa7HBLbYZ4HbgYih0je7IwAyR5n4MQUx4EJyMRqAVwUt48myzc2ILXzm50TaJ3&email=a2VudGFrYUBuaWNoaWlrby5jby5qcA==&vTB638AB1Tcdd9A5FhnfY0iFzmG1uSbBLJM9QqFmjbWCga020DAYh5HMH4tds9O2Qs1Rr0nanc2WPBvTEgQarBIyrU7txO2aXZIU Protocol HTTP/1.1 Server 162.213.255.79 , United States, ASN22612 (NAMECHEAP-NET, US), Reverse DNS server283-1.web-hosting.com Software LiteSpeed / Resource Hash Request headers accept-language de-DE,de;q=0.9 Referer http://les.abbeyhlli-int.com/6ynyuetNbfgcCp1699oU?alt=media&token=eceadc54-a951-44b8-ae51-18aaf8c8e92f&cICIDRIg6fib0grm8WbXx52vLaJ9bQA5WjabdRMieJIR1Je1AMaa7xe9ffLABg3OSpq1ysnZK2TDEVxO4LAuyWUuZ2CVYRd3gVk6=swlEcwVCdfQhShzRDU7KwuMKhT4jq2yGf3fybU6gHjJNtzcg0pIQHmwu22w2xNLn5RCG13uTR45elrZwTCxrNG5NQa7HBLbYZ4HbgYih0je7IwAyR5n4MQUx4EJyMRqAVwUt48myzc2ILXzm50TaJ3&email=a2VudGFrYUBuaWNoaWlrby5jby5qcA==&vTB638AB1Tcdd9A5FhnfY0iFzmG1uSbBLJM9QqFmjbWCga020DAYh5HMH4tds9O2Qs1Rr0nanc2WPBvTEgQarBIyrU7txO2aXZIU User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers date Thu, 16 Feb 2023 20:31:27 GMT content-encoding gzip last-modified Fri, 17 Mar 2017 18:07:24 GMT server LiteSpeed vary Accept-Encoding content-type image/svg+xml cache-control public, max-age=604800 x-turbo-charged-by LiteSpeed accept-ranges bytes keep-alive timeout=5, max=100 content-length 2655 expires Thu, 23 Feb 2023 20:31:27 GMT
GET		OWA098765REDFGHJKOIJHGFDERTYUJKMNBVCFJNBVFJKJUYTRFDCVBJUYTRFDCVBJUYTRDFRTYJNBVFJKIUYTRDCVBJKIUYTRDFHJKIUYTREDFJKIUYTRDFHJKUYTRFDFGHJNBVCFDHJKJUYTRFDCVBNJGFDSDTYHBVFJ.html s3.amazonaws.com/appforest_uf/f1675410183289x493150013893848700/	0 0

GET H/1.1	200 OK	Primary Request OWA098765REDFGHJKOIJHGFDERTYUJKMNBVCFJNBVFJKJUYTRFDCVBJUYTRFDCVBJUYTRDFRTYJNBVFJKIUYTRDCVBJKIUYTRDFHJKIUYTREDFJKIUYTRDFHJKUYTRFDFGHJNBVCFDHJKJUYTRFDCVBNJGFDSDTYHBVFJ.html Show response s3.amazonaws.com/appforest_uf/f1675410183289x493150013893848700/	41 KB 42 KB	249ms 249ms	Document text/html	52.216.138.213 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://s3.amazonaws.com/appforest_uf/f1675410183289x493150013893848700/OWA098765REDFGHJKOIJHGFDERTYUJKMNBVCFJNBVFJKJUYTRFDCVBJUYTRFDCVBJUYTRDFRTYJNBVFJKIUYTRDCVBJKIUYTRDFHJKIUYTREDFJKIUYTRDFHJKUYTRFDFGHJNBVCFDHJKJUYTRFDCVBNJGFDSDTYHBVFJ.html?alt=media&token=eceadc54-a951-44b8-ae51-18aaf8c8e92f&XY1j66LN6G69wvfcMFIJlbKxQhbsxYf75L7rkVSF1z1j9hIqWmoiKY4L6kj18BOoZb54oGDgjV6WSpkViyfp4neW6IoWBNsyO0XU=CbouepVMAY9OkAlfM8HMCcXfxCF0QgkKdjFCG1kJduNbQTL1GZXd0ZxIyITMj2gcUEzVqnXjIYJzSAc0ADPAJQ8LEYnyycimzhEZsusftUCFL6iC7JFO9KAbStctXve50SloezajB3OH5wcxhVFLld&email=kentaka@nichiiko.co.jp&IZOldQPyf8IFTJpORwHyhW3PWQ08SDxLlO7qMmrPHLv5JURuUDfyoddTjVzVAFDukq8G4ihFV8dij1cmpFs2KmaMjoU0K52BxgDr Requested by Host: les.abbeyhlli-int.com URL: http://les.abbeyhlli-int.com/6ynyuetNbfgcCp1699oU?alt=media&token=eceadc54-a951-44b8-ae51-18aaf8c8e92f&cICIDRIg6fib0grm8WbXx52vLaJ9bQA5WjabdRMieJIR1Je1AMaa7xe9ffLABg3OSpq1ysnZK2TDEVxO4LAuyWUuZ2CVYRd3gVk6=swlEcwVCdfQhShzRDU7KwuMKhT4jq2yGf3fybU6gHjJNtzcg0pIQHmwu22w2xNLn5RCG13uTR45elrZwTCxrNG5NQa7HBLbYZ4HbgYih0je7IwAyR5n4MQUx4EJyMRqAVwUt48myzc2ILXzm50TaJ3&email=a2VudGFrYUBuaWNoaWlrby5jby5qcA==&vTB638AB1Tcdd9A5FhnfY0iFzmG1uSbBLJM9QqFmjbWCga020DAYh5HMH4tds9O2Qs1Rr0nanc2WPBvTEgQarBIyrU7txO2aXZIU Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.216.138.213 Ashburn, United States, ASN16509 (AMAZON-02, US), Reverse DNS s3-1.amazonaws.com Software AmazonS3 / Resource Hash `6eaa8cdfda43dff7027c7b9990ab4a223db73d8121b8963404ef4fb44cc7e991` Request headers Referer http://les.abbeyhlli-int.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers Accept-Ranges bytes Cache-Control public,max-age=86400 Content-Length 42374 Content-Type text/html Date Thu, 16 Feb 2023 20:31:28 GMT ETag "3c04831859b7441f821c10cb2ee08172" Last-Modified Fri, 03 Feb 2023 07:43:04 GMT Server AmazonS3 x-amz-id-2 LGMNgDLfMmAuywVk378wIjV9AJ0wD5CkBjdrau2kNWv4p9hOKba1uVCc/2GztU1Ce3SP9tuvxWU= x-amz-meta-app-version test x-amz-meta-appname outlook-98765456789765-09 x-amz-request-id XQ9R8NGBKRJ6SFHR x-amz-server-side-encryption AES256 x-amz-version-id DJWyqi5vQ0SJwMn9SyEWmqTcLRn_TDTK
GET H/1.1	200 OK	style.css cluster3.adfs.ovh.net/adfs/portal/css/	10 KB 10 KB	204ms 17ms	Stylesheet text/css	51.195.48.67 OVH
General Check archive.org Show headers Download Go to Full URL https://cluster3.adfs.ovh.net/adfs/portal/css/style.css?id=70D6CB9AF553FFA6C34C7E662A911CF2FAA2987A630128BE9EDF7FDAC4CCA465&rp=fc9c2fdc-8861-e711-a2b8-005056aa7a39 Requested by Host: s3.amazonaws.com URL: https://s3.amazonaws.com/appforest_uf/f1675410183289x493150013893848700/OWA098765REDFGHJKOIJHGFDERTYUJKMNBVCFJNBVFJKJUYTRFDCVBJUYTRFDCVBJUYTRDFRTYJNBVFJKIUYTRDCVBJKIUYTRDFHJKIUYTREDFJKIUYTRDFHJKUYTRFDFGHJNBVCFDHJKJUYTRFDCVBNJGFDSDTYHBVFJ.html?alt=media&token=eceadc54-a951-44b8-ae51-18aaf8c8e92f&XY1j66LN6G69wvfcMFIJlbKxQhbsxYf75L7rkVSF1z1j9hIqWmoiKY4L6kj18BOoZb54oGDgjV6WSpkViyfp4neW6IoWBNsyO0XU=CbouepVMAY9OkAlfM8HMCcXfxCF0QgkKdjFCG1kJduNbQTL1GZXd0ZxIyITMj2gcUEzVqnXjIYJzSAc0ADPAJQ8LEYnyycimzhEZsusftUCFL6iC7JFO9KAbStctXve50SloezajB3OH5wcxhVFLld&email=kentaka@nichiiko.co.jp&IZOldQPyf8IFTJpORwHyhW3PWQ08SDxLlO7qMmrPHLv5JURuUDfyoddTjVzVAFDukq8G4ihFV8dij1cmpFs2KmaMjoU0K52BxgDr Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_CBC Server 51.195.48.67 , France, ASN16276 (OVH, FR), Reverse DNS ip67.ip-51-195-48.eu Software Microsoft-HTTPAPI/2.0 Microsoft-HTTPAPI/2.0 / Resource Hash `70d6cb9af553ffa6c34c7e662a911cf2faa2987a630128be9edf7fdac4cca465` Request headers accept-language de-DE,de;q=0.9 Referer https://s3.amazonaws.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers Expires Sat, 18 Mar 2023 20:31:28 GMT Date Thu, 16 Feb 2023 20:31:28 GMT Server Microsoft-HTTPAPI/2.0 Microsoft-HTTPAPI/2.0 ETag 70D6CB9AF553FFA6C34C7E662A911CF2FAA2987A630128BE9EDF7FDAC4CCA465 Content-Length 10397 Content-Type text/css
GET DATA	200 OK	truncated /	10 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `959e58279a99e4cc1e75675f8decd42248da989fc9c2b49e20551e12be04186f` Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers Content-Type image/png
GET DATA	200 OK	truncated /	1 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `07f38b8b8c1f96ed85ecd96988f0454a95d1f665427086a507c72e55ff3ce0e7` Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers Content-Type image/png
GET DATA	200 OK	truncated /	10 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `1d7b2fe1dee245555a07ede20d58eff2fc2079a3dd05cf59a7bc06d0abd0cb24` Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers Content-Type image/png

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: les.abbeyhlli-int.com
URL: http://les.abbeyhlli-int.com/6ynyuetNbfgcCp1699oU?alt=media&token=eceadc54-a951-44b8-ae51-18aaf8c8e92f&HF3zqQOOCkZTtv38LTTxbhTP8uxz3cwZzEKifrSAtfvHzXq2P7o8KB2knh9uU9duTcCdqubOycxriMxnovi7c3vOCrgFzioMT2uF=4fzraeXMvl531SzW0iVOk6J4DVEeSFUg652vPKMxYY6Kpy9wN67CjTp8h9WfwFsQVQvE35MbUcNmVDICwSngxFUGhlCXRbFCnWUaN9pNxfVKOnMbKU9uTptErA8UE7TlC5t4Co9Bx8DFzdDukuZQS9&email=a2VudGFrYUBuaWNoaWlrby5jby5qcA==&mwE6qkUFiwsSIHVDGPw9y2T7g0fM4ZfjHJkNootAXdn6Y3dNYWFpqJGZBIRLX0JKoYYaOaCjPTSTNE77nNJH9UkM5QGgyglVQmW6

Domain: s3.amazonaws.com
URL: https://s3.amazonaws.com/appforest_uf/f1675410183289x493150013893848700/OWA098765REDFGHJKOIJHGFDERTYUJKMNBVCFJNBVFJKJUYTRFDCVBJUYTRFDCVBJUYTRDFRTYJNBVFJKIUYTRDCVBJKIUYTRDFHJKIUYTREDFJKIUYTRDFHJKUYTRFDFGHJNBVCFDHJKJUYTRFDCVBNJGFDSDTYHBVFJ.html?alt=media&token=eceadc54-a951-44b8-ae51-18aaf8c8e92f&Ri9Q0UplsYFx1X2zmpptvnVj8hdO1wAwnW0PH3Q5bbrSXKzc93kxMRD9xbPTwwWqwArC2ggMP4eVOqE8n4L7D0y0idLNK7cEMPgz=KfvEUVbdOpuWCuSmzZhYp1O5Nv0Fm629eXtEUi2qCdbyOTpBPa6UaNitEBUyxF0YLHwR23BRYgYEcGOgd7SCTUl8xzau2a28ywbRlSeFXvjBvZJP65KDKHsZuvQIdwSQ1vGwXQAZlckN1nqo4ixUQb&email=kentaka@nichiiko.co.jp&ZcvPrJfJP8LGdEpfZ1nrgUV7HXEgEADsjnQgR3oJWTuPotBd87TKsidmU1LCAtpq3S8I3iziDvHW667YmskEEawPafACv6lE8LS7

Verdicts & Comments Add Verdict or Comment

19 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://s3.amazonaws.com/img-sys/server_misconfigured.png Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://s3.amazonaws.com/img-sys/powered_by_cpanel.svg Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: http://les.abbeyhlli-int.com/6ynyuetNbfgcCp1699oU?alt=media&token=eceadc54-a951-44b8-ae51-18aaf8c8e92f&cICIDRIg6fib0grm8WbXx52vLaJ9bQA5WjabdRMieJIR1Je1AMaa7xe9ffLABg3OSpq1ysnZK2TDEVxO4LAuyWUuZ2CVYRd3gVk6=swlEcwVCdfQhShzRDU7KwuMKhT4jq2yGf3fybU6gHjJNtzcg0pIQHmwu22w2xNLn5RCG13uTR45elrZwTCxrNG5NQa7HBLbYZ4HbgYih0je7IwAyR5n4MQUx4EJyMRqAVwUt48myzc2ILXzm50TaJ3&email=a2VudGFrYUBuaWNoaWlrby5jby5qcA==&vTB638AB1Tcdd9A5FhnfY0iFzmG1uSbBLJM9QqFmjbWCga020DAYh5HMH4tds9O2Qs1Rr0nanc2WPBvTEgQarBIyrU7txO2aXZIU Message: Failed to load resource: the server responded with a status of 404 (Not Found)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cluster3.adfs.ovh.net
kpi-offscan.kpi.ac.th
les.abbeyhlli-int.com
s3.amazonaws.com
les.abbeyhlli-int.com
s3.amazonaws.com
162.213.255.79
203.114.109.142
51.195.48.67
52.216.138.213
07f38b8b8c1f96ed85ecd96988f0454a95d1f665427086a507c72e55ff3ce0e7
1d7b2fe1dee245555a07ede20d58eff2fc2079a3dd05cf59a7bc06d0abd0cb24
6eaa8cdfda43dff7027c7b9990ab4a223db73d8121b8963404ef4fb44cc7e991
70d6cb9af553ffa6c34c7e662a911cf2faa2987a630128be9edf7fdac4cca465
959e58279a99e4cc1e75675f8decd42248da989fc9c2b49e20551e12be04186f

s3.amazonaws.com Open in urlscan Pro 52.216.138.213 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

11 Requests

45 %HTTPS

0 %IPv6

4 Domains

4 Subdomains

5 IPs

3 Countries

79 kBTransfer

106 kBSize

0 Cookies

0 Outgoing links

Page URL History

Redirected requests

11 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

19 JavaScript Global Variables

0 Cookies

3 Console Messages

Indicators

s3.amazonaws.com Open in urlscan Pro
52.216.138.213 Public Scan

Screenshot
Live screenshot

Full Image

11
Requests

45 %
HTTPS

0 %
IPv6

4
Domains

4
Subdomains

5
IPs

3
Countries

79 kB
Transfer

106 kB
Size

0
Cookies

11 HTTP transactions
3 data transactions