sso.gmo-aozora.is (91.215.85.9)
Public Scan: Malicious Activity!
Effective URL: https://sso.gmo-aozora.is/all/gmo-aozora.php?hmt=1hf0123005h600&nextfufnck=10130550rh000
Submission: On June 05 via manual from JP. Scanned from JP.
Summary
TLS certificate: Issued by R3 on June 2nd 2023. Valid for: 3 months.
This is the only time sso.gmo-aozora.is was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: GMO Aozora Net Bank (Banking)

Domain & IP information
IP address | AS (Autonomous System) | Requests
---|---|---
91.215.85.9 | 200593 (PROSPERO-AS) | 22 (21 HTTP requests + 1 redirect)

Apex domain | Subdomains | Transfer | Requests
---|---|---|---
gmo-aozora.is | sso.gmo-aozora.is | 444 KB | 22 (21 HTTP requests + 1 redirect)

Domain | Requested by | Requests
---|---|---
sso.gmo-aozora.is | sso.gmo-aozora.is | 22 (21 HTTP requests + 1 redirect)
This site contains links to these domains. Also see Links.

Domain
---
faq.gmo-aozora.com

Note the contrast: the page is served from gmo-aozora.is, but its only outgoing link points at gmo-aozora.com, the brand's own apex. A cloned login page that keeps the victim brand's real FAQ link while the form itself posts to a look-alike domain is a common phishing-kit pattern.
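The TLD swap above (brand label gmo-aozora under .is instead of .com) is the kind of thing worth checking automatically against every hostname a scan touches. The following is an added example written for this page, not urlscan.io code: it flags hosts that reuse a monitored brand label under a foreign TLD, and goes one step further than the scan by also catching labels within a small edit distance (typosquats). BRANDS, SCAN_HOSTS and the MAX_EDITS threshold are constructed for illustration; split_host() treats the last label as the TLD, so multi-part suffixes such as co.jp are not handled and a real deployment would consult the Public Suffix List instead.

```python
"""Flag hostnames that reuse a monitored brand's registrable label under a
different TLD (sso.gmo-aozora.is vs the brand's gmo-aozora.com, as in this
scan) or that sit within a small edit distance of it (typosquats).

Added example for this page, not urlscan.io code. BRANDS, SCAN_HOSTS and the
MAX_EDITS threshold are constructed for illustration. split_host() treats the
last label as the TLD, so multi-part suffixes such as co.jp are not handled;
a real deployment would use the Public Suffix List instead.
"""
from __future__ import annotations

# Constructed brand table: registrable label -> TLDs the brand really uses.
# gmo-aozora.com comes from the outgoing FAQ link recorded in the scan.
BRANDS: dict[str, set[str]] = {"gmo-aozora": {"com"}}

# Edit-distance budget for typosquat matches (assumption for the example).
MAX_EDITS = 2


def split_host(host: str) -> tuple[str, str, str]:
    """Return (subdomain, registrable_label, tld); simplified last-label split."""
    labels = host.lower().rstrip(".").split(".")
    if len(labels) < 2 or not all(labels):
        raise ValueError(f"not a fully qualified host: {host!r}")
    return ".".join(labels[:-2]), labels[-2], labels[-1]


def levenshtein(a: str, b: str) -> int:
    """Classic edit distance (insert/delete/substitute), O(len(a)*len(b))."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]


def classify(host: str) -> str:
    """One of 'legit', 'tld-swap', 'lookalike', 'unrelated' for a hostname."""
    _, label, tld = split_host(host)
    if label in BRANDS:
        # Exact brand label: fine only under a TLD the brand actually uses.
        return "legit" if tld in BRANDS[label] else "tld-swap"
    if any(levenshtein(label, brand) <= MAX_EDITS for brand in BRANDS):
        return "lookalike"
    return "unrelated"


def suspicious_hosts(hosts: list[str]) -> list[tuple[str, str]]:
    """Hosts worth a closer look, with their verdict, in input order."""
    out = []
    for host in hosts:
        verdict = classify(host)
        if verdict in ("tld-swap", "lookalike"):
            out.append((host, verdict))
    return out


# The two hosts that appear in this scan plus two constructed ones.
SCAN_HOSTS = [
    "sso.gmo-aozora.is",      # scanned phishing host
    "faq.gmo-aozora.com",     # brand domain the page links to
    "login.gmo-aozra.net",    # constructed typosquat
    "cdn.example.net",        # constructed unrelated host
]

if __name__ == "__main__":
    for host, verdict in suspicious_hosts(SCAN_HOSTS):
        print(f"{verdict:9} {host}")
```

Run against the four sample hosts it reports sso.gmo-aozora.is as a TLD swap and the constructed gmo-aozra host as a lookalike, while the brand's real FAQ host passes as legit. Feed it the full set of hostnames from a scan's Domain table to triage at scale.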
Subject | Issuer | Validity | Valid for | Source
---|---|---|---|---
sso.gmo-aozora.is | R3 | 2023-06-02 - 2023-08-31 | 3 months | crt.sh

R3 is a Let's Encrypt intermediate, so this is a free, automatically issued domain-validated certificate obtained three days before the scan. The padlock only proves control of the look-alike hostname, not who operates it; a fresh short-lived DV certificate on a newly seen domain is a typical phishing setup, not a sign of legitimacy.
This page contains 1 frame:
Primary Page:
https://sso.gmo-aozora.is/all/gmo-aozora.php?hmt=1hf0123005h600&nextfufnck=10130550rh000
Frame ID: 4B16748AFABFFB884D8340A6C404FAA5
Requests: 21 HTTP requests in this frame
Page Title
GMOあおぞらネット銀行 ログイン (GMO Aozora Net Bank Login)
Detected technologies
PHP (Programming Languages)
Detected patterns:
- \.php(?:$|\?)
Page Statistics
1 Outgoing link
These are links going to different origins than the main page.
Title: よくあるご質問 (Frequently Asked Questions), pointing at faq.gmo-aozora.com
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- https://sso.gmo-aozora.is/
  HTTP 302
- https://sso.gmo-aozora.is/all/gmo-aozora.php?hmt=1hf0123005h600&nextfufnck=10130550rh000 (Page URL)
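The history above only records one server-side hop, but the three redirect kinds the description names (HTTP Location, meta refresh, JavaScript location assignment) are what a triage script has to follow to reach the real landing page. The code below is an added example written for this page, not urlscan.io code: it walks a set of captured responses and rebuilds the URL history. CAPTURES is constructed offline; the first hop mirrors the 302 recorded in this scan, the landing-page body is a stand-in, and the lure.example.net chain is invented purely to exercise the client-side cases.

```python
"""Reconstruct a page URL history from captured responses, following HTTP
3xx Location headers, <meta http-equiv="refresh"> targets and JavaScript
location assignments, the three redirect kinds the section above describes.

Added example for this page, not urlscan.io code. CAPTURES is constructed
offline: the first hop mirrors the 302 recorded in this scan, the landing
page body is a stand-in, and the lure.example.net chain is invented to
exercise the client-side cases.
"""
import re
from urllib.parse import urljoin

META_REFRESH = re.compile(
    r'<meta[^>]+http-equiv=["\']?refresh["\']?[^>]+content=["\']?\s*\d+\s*;\s*url=([^"\'>\s]+)',
    re.IGNORECASE,
)
JS_LOCATION = re.compile(
    r'(?:window\.|document\.|top\.)?location(?:\.href)?\s*=\s*["\']([^"\']+)["\']',
    re.IGNORECASE,
)


def next_hop(url, status, headers, body):
    """Return (kind, absolute_target) for a redirecting response, else None."""
    lower = {k.lower(): v for k, v in headers.items()}
    if 300 <= status < 400 and "location" in lower:
        return f"HTTP {status}", urljoin(url, lower["location"])
    m = META_REFRESH.search(body)
    if m:
        return "meta refresh", urljoin(url, m.group(1))
    m = JS_LOCATION.search(body)
    if m:
        return "JavaScript", urljoin(url, m.group(1))
    return None


def url_history(start, captures, max_hops=10):
    """Walk captures {url: (status, headers, body)} from start.

    Returns [(url, how_reached)], how_reached being None for the first entry.
    Stops at an uncaptured URL, a terminal response, a loop, or max_hops.
    """
    history = [(start, None)]
    seen = {start}
    url = start
    for _ in range(max_hops):
        if url not in captures:
            break
        hop = next_hop(url, *captures[url])
        if hop is None:
            break
        kind, target = hop
        history.append((target, kind))
        if target in seen:
            break  # redirect loop
        seen.add(target)
        url = target
    return history


LANDING = "https://sso.gmo-aozora.is/all/gmo-aozora.php?hmt=1hf0123005h600&nextfufnck=10130550rh000"

CAPTURES = {
    # Hop recorded in the scan: / answers 302 to the PHP login page.
    "https://sso.gmo-aozora.is/": (
        302,
        {"Location": "/all/gmo-aozora.php?hmt=1hf0123005h600&nextfufnck=10130550rh000"},
        "",
    ),
    # Constructed stand-in for the landing page body (terminal, no redirect).
    LANDING: (200, {"Content-Type": "text/html"},
              "<html><head><title>GMOあおぞらネット銀行 ログイン</title></head>"
              "<body><form method=post><input name=user></form></body></html>"),
    # Constructed client-side chain: meta refresh, then a JavaScript hop.
    "http://lure.example.net/": (200, {"Content-Type": "text/html"},
        '<html><head><meta http-equiv="refresh" content="0; url=/step2"></head></html>'),
    "http://lure.example.net/step2": (200, {"Content-Type": "text/html"},
        '<script>window.location.href = "https://sso.gmo-aozora.is/";</script>'),
}

if __name__ == "__main__":
    for start in ("https://sso.gmo-aozora.is/", "http://lure.example.net/"):
        for url, how in url_history(start, CAPTURES):
            print(f"{how or 'start':12} {url}")
```

Starting from the scanned root reproduces the two-entry history on this page; starting from the constructed lure shows a meta refresh and a JavaScript hop landing on the same 302 and final PHP page. The regexes deliberately only handle static string assignments; obfuscated redirectors (string concatenation, atob, setTimeout) need a headless browser, which is what urlscan itself uses.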
Redirected requests
There was one HTTP redirect chain, on the primary request: https://sso.gmo-aozora.is/ answered HTTP 302 to /all/gmo-aozora.php?hmt=1hf0123005h600&nextfufnck=10130550rh000.

21 HTTP transactions

# | Method / Protocol | Resource | Path | Size | Transfer | Type | MIME type
---|---|---|---|---|---|---|---
1 | GET H2 | gmo-aozora.php (Primary Request, redirect chain) | sso.gmo-aozora.is/all/ | 9 KB | 2 KB | Document | text/html
2 | GET H2 | reset.css | sso.gmo-aozora.is/all/1_files/ | 2 KB | 813 B | Stylesheet | text/css
3 | GET H2 | login.css | sso.gmo-aozora.is/all/1_files/ | 10 KB | 2 KB | Stylesheet | text/css
4 | GET H2 | banner.css | sso.gmo-aozora.is/all/1_files/ | 2 KB | 728 B | Stylesheet | text/css
5 | GET H2 | m=el_main_css | sso.gmo-aozora.is/all/1_files/ | 25 KB | 4 KB | Stylesheet | text/plain
6 | GET H2 | logo.png | sso.gmo-aozora.is/all/1_files/ | 11 KB | 11 KB | Image | image/png
7 | GET H2 | banner-title.png | sso.gmo-aozora.is/all/1_files/ | 5 KB | 5 KB | Image | image/png
8 | GET H2 | sp-banner-title.png | sso.gmo-aozora.is/all/1_files/ | 5 KB | 5 KB | Image | image/png
9 | GET H2 | in-banner-01.png | sso.gmo-aozora.is/all/1_files/ | 91 KB | 91 KB | Image | image/png
10 | GET H2 | in-sp-banner-01.png | sso.gmo-aozora.is/all/1_files/ | 88 KB | 89 KB | Image | image/png
11 | GET H2 | in-banner-02.png | sso.gmo-aozora.is/all/1_files/ | 53 KB | 53 KB | Image | image/png
12 | GET H2 | in-sp-banner-02.png | sso.gmo-aozora.is/all/1_files/ | 65 KB | 65 KB | Image | image/png
13 | GET H2 | in-banner-03.png | sso.gmo-aozora.is/all/1_files/ | 29 KB | 29 KB | Image | image/png
14 | GET H2 | in-sp-banner-03.png | sso.gmo-aozora.is/all/1_files/ | 33 KB | 33 KB | Image | image/png
15 | GET H2 | banner-pickup.png | sso.gmo-aozora.is/all/1_files/ | 1 KB | 1 KB | Image | image/png
16 | GET H2 | sp-banner-pickup.png | sso.gmo-aozora.is/all/1_files/ | 1 KB | 1 KB | Image | image/png
17 | GET H2 | in-banner-04.png | sso.gmo-aozora.is/all/1_files/ | 33 KB | 33 KB | Image | image/png
18 | GET H2 | in-sp-banner-04.png | sso.gmo-aozora.is/all/1_files/ | 17 KB | 17 KB | Image | image/png
19 | GET H2 | translate_24dp.png | sso.gmo-aozora.is/all/1_files/ | 846 B | 917 B | Image | image/png
20 | GET H2 | 0 | sso.gmo-aozora.is/all/1_files/ | 0 | 57 B | Image | text/plain
21 | GET H2 | 0(1) | sso.gmo-aozora.is/all/1_files/ | 0 | 57 B | Image | text/plain

Observations on the transaction list:
- All 21 requests go to sso.gmo-aozora.is; nothing is loaded from the brand's real domain or from a third-party CDN, so the kit is fully self-hosted.
- Every asset sits under /all/1_files/. A `<name>_files/` directory next to a single HTML file is the layout a browser's "save page, complete" export produces, which is consistent with the login page having been captured from the original site and re-served behind a PHP handler. The `m=el_main_css` stylesheet delivered as text/plain fits the same picture: a dynamically generated resource saved to disk and served as a static file.
- Requests 20 and 21 ("0" and "0(1)") are fetched as images but return zero bytes with a text/plain type. Their SHA-256 (the empty-input hash) appears in the Indicators list at the end of this page.
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: GMO Aozora Net Bank (Banking)

3 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

Type | Name
---|---
boolean | credentialless
object | onbeforetoggle
object | onscrollend

Caveat: all three names are window properties that recent Chromium builds expose natively (credentialless for anonymous iframes, onbeforetoggle and onscrollend as event-handler attributes), so they are most likely an artifact of the scanning browser being newer than urlscan's baseline list rather than script belonging to the phishing kit. They should not be used as a fingerprint for this kit.

1 Cookie
Cookies are small pieces of information stored in the user's browser. Whenever the user visits the site again, the browser sends the cookie values along, allowing the website to re-identify the user even from a different location. This is how persistent logins work.

Domain/Path | Expires | Name | Value
---|---|---|---
sso.gmo-aozora.is/ | (none shown) | PHPSESSID | g91refj5t5emdmuk4091urdjpd

The default PHP session cookie confirms the PHP detection above: the kit keeps server-side state per visitor, which is typically used to tie a victim's successive form submissions (credentials, then one-time codes) together.
Indicators
This is a term in the security industry to describe indicators such as IPs, domains, hashes, etc. This does not imply that any of these indicate malicious activity. The 64-character hex strings below are SHA-256 hashes of the response bodies fetched during the scan.
sso.gmo-aozora.is
91.215.85.9
05b19b253e8c8ba4dc1e99673b9166695b974554acd7ffedfb10e909f29e4130
1c7ded744c590139ee7789e5364ad8700228d1fadd80bb115fe125bc7bdbb944
21f02411775435f16c6ca5108a46bf394ea07ed6fc9b88e46fb0339f29b95944
2c4a0dcd8df246e904d7e40e7675cc05a87e7c00fe35b6232f3f847693f95855
3b9e2d90e1f1b7ebc9237ce6ff2a0fa9f40fd243cb1273a83c90ce00a19ccdef
480e37be46b76cab1d37ee4aea33cafa26b185f4b80da9c7c987945ee0f99594
5a861509b658aa24fc3aed2867ac3c061e7d818d90b9990959afc6d1b5d4ff99
633053800716df5e106b01b84a98f6bd3e6550193c9ce6263383a628c7481e45
6fcd9a21eb3715b2f62666ec2443148330c4c4bfaa0f194138bab8c184c648dd
7db470720bc87269e9bf81c2da2649d4f59d54eb54ca5ed4547855758d6688a0
81ecec0e983587fe44a904e998b2b8ae8b153080f6b74df40a9bf23416b7e8cf
83e2d56e4876dcc52e61a2734e6ccc961b44bffa18b21459843bd86bfc45265c
a3ddad5ff6fd5e185238084c0a3ddf1e02abb2ab83cd630ba323cb357868c161
a5193e5ef4ee0e05592ff598509bbba5ff5d29966402aa5894b5be68b8972ef1
ba39f8306ada84b78cd3b8fa942616c5356874ce05b0e0946704c9d174d5d5da
c391f62211c387fe13acd5be97e9f7bdab1159f9579ad5e28dadeee0e0f8f30d
c63f314927e7ef52ba708f9677536878b1330e482dbc9e2f2416aba3d2fb0d5f
cff7bbbc3a629645c0e2bd6483ea289f5084fab2499713f0b864e8c45af84a07
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e648780b318479652950fe9c07a744dd0598bfab53bd28499214f7b17129039e
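Two things about this hash list are worth checking before feeding it to a blocklist. First, 21 responses of which two are identical empty bodies give exactly 20 distinct hashes, matching the 20 entries above. Second, e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 is the SHA-256 of zero bytes, so it would match every empty response on the internet. The code below is an added example written for this page, not urlscan.io code: it matches response bodies against the indicator set and strips the empty-input hash. INDICATOR_HASHES is copied from the list above; SAMPLE_BODIES is constructed offline, with the two empty bodies standing in for the zero-byte "0" and "0(1)" responses and a placeholder CSS string that is not the real file.

```python
"""Match response bodies against the SHA-256 indicators listed for this scan,
and show why the empty-input hash among them deserves special handling.

Added example for this page, not urlscan.io code. INDICATOR_HASHES is copied
from the Indicators section above; SAMPLE_BODIES is constructed offline (the
two empty bodies stand in for the zero-byte "0" and "0(1)" responses in the
transaction list, the CSS text is a placeholder, not the real file).
"""
import hashlib

INDICATOR_HASHES = frozenset({
    "05b19b253e8c8ba4dc1e99673b9166695b974554acd7ffedfb10e909f29e4130",
    "1c7ded744c590139ee7789e5364ad8700228d1fadd80bb115fe125bc7bdbb944",
    "21f02411775435f16c6ca5108a46bf394ea07ed6fc9b88e46fb0339f29b95944",
    "2c4a0dcd8df246e904d7e40e7675cc05a87e7c00fe35b6232f3f847693f95855",
    "3b9e2d90e1f1b7ebc9237ce6ff2a0fa9f40fd243cb1273a83c90ce00a19ccdef",
    "480e37be46b76cab1d37ee4aea33cafa26b185f4b80da9c7c987945ee0f99594",
    "5a861509b658aa24fc3aed2867ac3c061e7d818d90b9990959afc6d1b5d4ff99",
    "633053800716df5e106b01b84a98f6bd3e6550193c9ce6263383a628c7481e45",
    "6fcd9a21eb3715b2f62666ec2443148330c4c4bfaa0f194138bab8c184c648dd",
    "7db470720bc87269e9bf81c2da2649d4f59d54eb54ca5ed4547855758d6688a0",
    "81ecec0e983587fe44a904e998b2b8ae8b153080f6b74df40a9bf23416b7e8cf",
    "83e2d56e4876dcc52e61a2734e6ccc961b44bffa18b21459843bd86bfc45265c",
    "a3ddad5ff6fd5e185238084c0a3ddf1e02abb2ab83cd630ba323cb357868c161",
    "a5193e5ef4ee0e05592ff598509bbba5ff5d29966402aa5894b5be68b8972ef1",
    "ba39f8306ada84b78cd3b8fa942616c5356874ce05b0e0946704c9d174d5d5da",
    "c391f62211c387fe13acd5be97e9f7bdab1159f9579ad5e28dadeee0e0f8f30d",
    "c63f314927e7ef52ba708f9677536878b1330e482dbc9e2f2416aba3d2fb0d5f",
    "cff7bbbc3a629645c0e2bd6483ea289f5084fab2499713f0b864e8c45af84a07",
    "e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855",
    "e648780b318479652950fe9c07a744dd0598bfab53bd28499214f7b17129039e",
})

# SHA-256 of zero bytes. Any empty response matches it, so it carries no
# signal about this kit in particular and must not go into a blocklist.
EMPTY_SHA256 = "e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855"


def sha256_hex(data: bytes) -> str:
    """Hex SHA-256 of a response body."""
    return hashlib.sha256(data).hexdigest()


def useful_indicators(indicators):
    """Drop hashes of trivial content that would match unrelated sites."""
    return frozenset(h for h in indicators if h != EMPTY_SHA256)


def match_bodies(bodies, indicators):
    """Return {name: sha256} for bodies whose hash is in the indicator set."""
    hits = {}
    for name, data in bodies.items():
        digest = sha256_hex(data)
        if digest in indicators:
            hits[name] = digest
    return hits


# Constructed bodies: two empty ones (as in the scan) and a placeholder.
SAMPLE_BODIES = {
    "0": b"",
    "0(1)": b"",
    "reset.css": b"/* constructed placeholder, not the real file */\n",
}

if __name__ == "__main__":
    print("raw hits:     ", match_bodies(SAMPLE_BODIES, INDICATOR_HASHES))
    print("filtered hits:", match_bodies(SAMPLE_BODIES, useful_indicators(INDICATOR_HASHES)))
```

With the raw list both empty bodies "match" the kit; with the filtered list nothing does, which is the correct outcome for content that says nothing about the site. The same filter should be applied to other low-entropy bodies (a lone "0", a blank HTML shell) before hashes from any scan are promoted to detection content.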