www.pthaigastro.org
Open in
urlscan Pro
119.59.122.235
Malicious Activity!
Public Scan
Submission Tags: @ipnigh
Submission: On August 11 via api from GB
Summary
This is the only time www.pthaigastro.org was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Amazon (Online)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
3 | 119.59.122.235 119.59.122.235 | 56067 (METRABYTE...) (METRABYTE-TH 453 Ladplacout Jorakhaebua) | |
12 | 216.137.61.225 216.137.61.225 | 16509 (AMAZON-02) (AMAZON-02 - Amazon.com) | |
4 | 52.51.125.167 52.51.125.167 | 16509 (AMAZON-02) (AMAZON-02 - Amazon.com) | |
19 | 3 |
ASN56067 (METRABYTE-TH 453 Ladplacout Jorakhaebua, TH)
www.pthaigastro.org |
ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-216-137-61-225.fra2.r.cloudfront.net
images-na.ssl-images-amazon.com | |
m.media-amazon.com | |
images-eu.ssl-images-amazon.com |
ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-52-51-125-167.eu-west-1.compute.amazonaws.com
fls-eu.amazon.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
10 |
ssl-images-amazon.com
images-na.ssl-images-amazon.com images-eu.ssl-images-amazon.com |
271 KB |
4 |
amazon.com
fls-eu.amazon.com |
1 KB |
3 |
pthaigastro.org
www.pthaigastro.org |
69 KB |
2 |
media-amazon.com
m.media-amazon.com |
28 KB |
19 | 4 |
Domain | Requested by | |
---|---|---|
9 | images-na.ssl-images-amazon.com |
www.pthaigastro.org
|
4 | fls-eu.amazon.com |
images-eu.ssl-images-amazon.com
|
3 | www.pthaigastro.org | |
2 | m.media-amazon.com |
www.pthaigastro.org
|
1 | images-eu.ssl-images-amazon.com |
www.pthaigastro.org
|
19 | 5 |
This site contains links to these domains. Also see Links.
Domain |
---|
sellercentral.amazon.de |
services.amazon.de |
pay.amazon.com |
services.amazon.com |
Subject Issuer | Validity | Valid | |
---|---|---|---|
Images-na.ssl-images-amazon.com DigiCert Global CA G2 |
2019-05-02 - 2020-04-23 |
a year | crt.sh |
1970-01-01 - 1970-01-01 |
a few seconds | crt.sh |
This page contains 1 frames:
Primary Page:
http://www.pthaigastro.org/ThImg/flash/openid.pape.max_auth_age/18000openid.return_t/Zwei-Schritt-Verifizierung.html
Frame ID: 7A322F3B1618F531982F087A1D1C04B0
Requests: 19 HTTP requests in this frame
Screenshot
Detected technologies
Windows Server (Operating Systems) ExpandDetected patterns
- headers server /^(?:Microsoft-)?IIS(?:\/([\d.]+))?/i
IIS (Web Servers) Expand
Detected patterns
- headers server /^(?:Microsoft-)?IIS(?:\/([\d.]+))?/i
Page Statistics
7 Outgoing links
These are links going to different origins than the main page.
Title: Haben Sie den Code nicht erhalten?
Search URL Search Domain Scan URL
Title: Verkaufen bei Amazon
Search URL Search Domain Scan URL
Title: Versand durch Amazon
Search URL Search Domain Scan URL
Title: Amazon Pay
Search URL Search Domain Scan URL
Title: Amazon Advertising
Search URL Search Domain Scan URL
Title: Verkaufen in Nordamerika
Search URL Search Domain Scan URL
Title:
Search URL Search Domain Scan URL
Redirected requests
There were HTTP redirect chains for the following requests:
19 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
Primary Request
Zwei-Schritt-Verifizierung.html
www.pthaigastro.org/ThImg/flash/openid.pape.max_auth_age/18000openid.return_t/ |
58 KB 58 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
61Brdu0o6LL._RC%7C11Fd9tJOdtL.css,21y5jWQoUML.css,31Q3id-QR0L.css,31P8A7PnBZL.css_.css
images-na.ssl-images-amazon.com/images/I/ |
137 KB 23 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
01SdjaY0ZsL._RC%7C41xWpwQjo7L.css,214VL7hS3nL.css_.css
images-na.ssl-images-amazon.com/images/I/ |
34 KB 7 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
11BFk7eGdOL.css
images-na.ssl-images-amazon.com/images/I/ |
2 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
61kzhTBl2qL._RC%7C11-BZEJ8lnL.js,61q-U9rAZ3L.js,31x4ENTlVIL.js,31f4+QIEeqL.js,01N6xzIJxbL.js,518BI433aLL.js,01rpauTep4L.js,31QZSjMuoeL.js,61ofwvddDeL.js,01KsMxlPtzL.js_.js
images-na.ssl-images-amazon.com/images/I/ |
314 KB 98 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
21xeA0kftxL._RC%7C21mq1pS3tgL.js,21yTT2f+P2L.js,31BBOjCcfPL.js,21k+DBN6loL.js,01aIMQxYOpL.js,51qFaS3GX7L.js_.js
images-na.ssl-images-amazon.com/images/I/ |
72 KB 21 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
01AIGGSCkCL.js
images-na.ssl-images-amazon.com/images/I/ |
518 B 812 B |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
219xMOdPyzL.js
images-na.ssl-images-amazon.com/images/I/ |
8 KB 3 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
sc-unified._CB513305163_.png
images-na.ssl-images-amazon.com/images/G/03/rainier/nav/ |
3 KB 3 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
fwcim._CB481732306_.js
images-na.ssl-images-amazon.com/images/G/03/x-locale/common/login/ |
384 KB 109 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
AmazonUIBaseCSS-sprite_1x-c4a765aedd886dc04d89e7e93b6a02c59ecb7013._V2_.png
m.media-amazon.com/images/G/01/AUIClients/ |
27 KB 28 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
uedata
www.pthaigastro.org/ap/ |
6 KB 6 KB |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
A1PA6795UKMFR9:257-4500659-5947940:35BQ17BXTW2BK1CGYYEN$uedata=s:%2Fap%2Fuedata%3Fld%26v%3D0.204701.0%26id%3D35BQ17BXTW2BK1CGYYEN%26sw%3D1600%26sh%3D1200%26vw%3D1600%26vh%3D1200%26m%3D1%26sc%3D35BQ...
fls-eu.amazon.com/1/batch/1/OP/ |
43 B 224 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ClientSideMetricsAUIJavascript@jserrorsForester.10f2559e93ec589d92509318a7e2acbac74c343a._V2_.js
images-eu.ssl-images-amazon.com/images/G/01/AUIClients/ |
9 KB 5 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
showads.v2.js
m.media-amazon.com/images/G/01/csm/ |
23 B 456 B |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
uedata
www.pthaigastro.org/ap/ |
5 KB 5 KB |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
A1PA6795UKMFR9:257-4500659-5947940:35BQ17BXTW2BK1CGYYEN$uedata=s:%2Fap%2Fuedata%3Fat%26v%3D0.204701.0%26id%3D35BQ17BXTW2BK1CGYYEN%26m%3D1%26sc%3Dadblk_no%26pc%3D653%26at%3D653%26t%3D1565555338047%2...
fls-eu.amazon.com/1/batch/1/OP/ |
43 B 224 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
POST H/1.1 |
/
fls-eu.amazon.com/1/batch/1/OE/ |
0 293 B |
Other
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
POST H/1.1 |
/
fls-eu.amazon.com/1/batch/1/OE/ |
0 293 B |
Other
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Amazon (Online)63 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| onselectstart object| onselectionchange function| queueMicrotask number| ue_t0 object| ue_csm number| ue_hob string| ue_err_chan string| ue_id string| ue_url number| ue_navtiming string| ue_mid string| ue_sid string| ue_sn string| ue_furl string| ue_surl number| ue_int number| ue_fcsn number| ue_urt string| ue_rpl_ns number| ue_ddq string| ue_fpf number| ue_rsc number| ue_sbuimp number| ue_swi number| ue_hoe function| ue_viz number| ue_ihb object| ue function| ueLogError object| ue_err number| ueinit function| uei function| ueh function| ues function| uet function| uex function| onLd function| onLdEnd function| onUl function| onstop number| aPageStart number| ue_ihe object| ue_cel_stub object| ue_mcm_stub object| amzn object| jQuery164010336966924625801 boolean| loginWithOTPState function| cf boolean| __fwcimLoaded object| fwcim boolean| __fwcimShimProfileReady object| ue_mbl string| ue_pty number| ue_adb number| ue_adb_rtla string| ue_aa_a number| ue_ibe function| _uess number| ue_fadb function| ue_isAdb object| ue_utils number| ue_unrt number| ue_adb_chk1 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
www.pthaigastro.org/ | Name: csm-hit Value: tb:s-35BQ17BXTW2BK1CGYYEN|1565555337797&t:1565555337798 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
fls-eu.amazon.com
images-eu.ssl-images-amazon.com
images-na.ssl-images-amazon.com
m.media-amazon.com
www.pthaigastro.org
119.59.122.235
216.137.61.225
52.51.125.167
0904aa3aae6a554f3e91d949a0c91c71862d7ccc501373c071a38ea942d9b1ed
1d1138d61c9ff80e480704d60ee5aa86b7ceb5ee64f72bd584f847ef437e448d
3697e21a7be3ff289143cbe551412be2bafeafeaea6e166ac23bb3d3f221ec2d
437e95a363a4291060e34ba170e043274e0155821e9be374f35de3c4f13cbaa5
53b284c17e55527741c0c68a5f0bd7ed85fce558036ed9cd3b05922ac6998ca9
5bf158277bca7187540cc4d994d0b250692f00ae9ff4ca67c3741ea0ec0f206f
5ea5d14e97b5a39ae16ca0e2d8ddfcb2d5e29112e64615aabf5b59cd37230082
763d4c84d5b5ca389989fb915819dc87935f6672bfe666e4e3e8039364bf3287
78659c1bab7acd8642c4f0bf4be7147f49d1ab3b3cd64539fa0f88f74fce38b9
88ea58255d4cd82340f7acaabe0e6a99f195a4dc2ca6ef56ec503d03b331bee5
8ff52030ae312e1688bd111f80d21dc533e457cdefd9cdf07722ec9f51de79bb
99e360090b4ffc6c5671b310ace9c7530ca59c8693e5ca2418450a082a25606e
a3a64aea2e96ec58a163ddb8d4cf86cf236178ed2d225b8f44154bc1b010ddce
ac6c8a640f5b8fea68c8aeaaad4e145c8261be36ba09df844e4121fb69e90cc7
c82cbf7f99b7bc38c257ec34e6b9c2512f87d6dc417035b81dbc343cc056f9d3
db30660fb9fb9e87f176e179b29c5239f8def42613054792901c63b065d7f764
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855