visa.co.jp.qrtrc.com
155.94.144.10  Malicious Activity! Public Scan

Submitted URL: https://visa.co.jp.qrtrc.com/index.html#/home
Effective URL: https://visa.co.jp.qrtrc.com/index.html
Submission: On May 20 via api from JP — Scanned from JP

Summary

This website contacted 2 IPs in 1 country across 1 domain to perform 7 HTTP transactions. The main IP is 155.94.144.10, located in Los Angeles, United States, and belongs to ASN-QUADRANET-GLOBAL, US. The main domain is visa.co.jp.qrtrc.com.
TLS certificate: Issued by R3 on May 19th 2022. Valid for: 3 months.
This is the only time visa.co.jp.qrtrc.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Visa (Financial)

Domain & IP information

Requests  IP Address     AS (Autonomous System)
7         155.94.144.10  8100 (ASN-QUADRANET-GLOBAL)
Total: 7 requests, 2 IPs

Requests  Apex Domain  Subdomains            Transfer
7         qrtrc.com    visa.co.jp.qrtrc.com  73 KB
Total: 7 requests, 1 apex domain

Requests  Domain                Requested by
7         visa.co.jp.qrtrc.com  visa.co.jp.qrtrc.com
Total: 7 requests, 1 domain

This site contains no links.

Subject               Issuer  Validity                 Valid
visa.co.jp.qrtrc.com  R3      2022-05-19 - 2022-08-17  3 months (crt.sh)

This page contains 1 frames:

Primary Page: https://visa.co.jp.qrtrc.com/index.html
Frame ID: D75B8F32794CBAA5E70C9611F6901A1C
Requests: 8 HTTP requests in this frame

Screenshot

Page Title

VISA

Detected technologies

Overall confidence: 100%
Detected patterns
  • <[^>]+\sdata-v(?:ue)?-

Page Statistics

Requests: 7
HTTPS: 100 %
IPv6: 0 %
Domains: 1
Subdomains: 1
IPs: 2
Countries: 1
Transfer: 73 kB
Size: 186 kB
Cookies: 0

Redirected requests

There were HTTP redirect chains for the following requests:

7 HTTP transactions

Columns per transaction: Resource, Path, Size, x-fer (bytes transferred), Type, MIME-Type
Primary Request: index.html
Path: visa.co.jp.qrtrc.com/
Size: 782 B
x-fer: 935 B
Type: Document

General
Full URL: https://visa.co.jp.qrtrc.com/index.html
Protocol: H2
Security: TLS 1.3, AES_128_GCM
Server: 155.94.144.10, Los Angeles, United States, ASN8100 (ASN-QUADRANET-GLOBAL, US)
Reverse DNS: 155.94.144.10.static.quadranet.com
Software: nginx
Resource Hash: f7963587918fb45db1b23726d58d44090045224c74dc4b57808ff01146b5bf6a
Security Headers: Strict-Transport-Security: max-age=31536000

Request headers
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers
accept-ranges: bytes
content-length: 782
content-type: text/html
date: Fri, 20 May 2022 05:04:24 GMT
etag: "62860c49-30e"
last-modified: Thu, 19 May 2022 09:22:17 GMT
server: nginx
strict-transport-security: max-age=31536000
Resource: chunk-vendors.92390da4.js
Path: visa.co.jp.qrtrc.com/js/
Size: 107 KB
x-fer: 41 KB
Type: Script

General
Full URL: https://visa.co.jp.qrtrc.com/js/chunk-vendors.92390da4.js
Requested by: Host visa.co.jp.qrtrc.com, URL https://visa.co.jp.qrtrc.com/index.html
Protocol: H2
Security: TLS 1.3, AES_128_GCM
Server: 155.94.144.10, Los Angeles, United States, ASN8100 (ASN-QUADRANET-GLOBAL, US)
Reverse DNS: 155.94.144.10.static.quadranet.com
Software: nginx
Resource Hash: c0d53f88c1416197d9acbec3c66e8143cf9797f7f928c4350e04d43750a222e7
Security Headers: Strict-Transport-Security: max-age=31536000

Request headers
Referer: https://visa.co.jp.qrtrc.com/index.html
Origin: https://visa.co.jp.qrtrc.com
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers
date: Fri, 20 May 2022 05:04:24 GMT
content-encoding: gzip
last-modified: Thu, 19 May 2022 09:22:17 GMT
server: nginx
etag: W/"62860c49-1aac1"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=43200
strict-transport-security: max-age=31536000
expires: Fri, 20 May 2022 17:04:24 GMT
Resource: app.0a0da6e7.js
Path: visa.co.jp.qrtrc.com/js/
Size: 6 KB
x-fer: 3 KB
Type: Script

General
Full URL: https://visa.co.jp.qrtrc.com/js/app.0a0da6e7.js
Requested by: Host visa.co.jp.qrtrc.com, URL https://visa.co.jp.qrtrc.com/index.html
Protocol: H2
Security: TLS 1.3, AES_128_GCM
Server: 155.94.144.10, Los Angeles, United States, ASN8100 (ASN-QUADRANET-GLOBAL, US)
Reverse DNS: 155.94.144.10.static.quadranet.com
Software: nginx
Resource Hash: 4a2ebbba258820ef1ba6215a1b8bb84c865cffd1fb64433bfb642f1df84f3a03
Security Headers: Strict-Transport-Security: max-age=31536000

Request headers
Referer: https://visa.co.jp.qrtrc.com/index.html
Origin: https://visa.co.jp.qrtrc.com
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers
date: Fri, 20 May 2022 05:04:24 GMT
content-encoding: gzip
last-modified: Thu, 19 May 2022 09:22:17 GMT
server: nginx
etag: W/"62860c49-1986"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=43200
strict-transport-security: max-age=31536000
expires: Fri, 20 May 2022 17:04:24 GMT
Resource: app.a90aa50f.css
Path: visa.co.jp.qrtrc.com/css/
Size: 2 KB
x-fer: 814 B
Type: Stylesheet

General
Full URL: https://visa.co.jp.qrtrc.com/css/app.a90aa50f.css
Requested by: Host visa.co.jp.qrtrc.com, URL https://visa.co.jp.qrtrc.com/index.html
Protocol: H2
Security: TLS 1.3, AES_128_GCM
Server: 155.94.144.10, Los Angeles, United States, ASN8100 (ASN-QUADRANET-GLOBAL, US)
Reverse DNS: 155.94.144.10.static.quadranet.com
Software: nginx
Resource Hash: 787491771ee8eb8d5aa2034a272bc73b5b7688a5e1e2bcdf2367985fe9cd0405
Security Headers: Strict-Transport-Security: max-age=31536000

Request headers
accept-language: jp-JP,jp;q=0.9
Referer: https://visa.co.jp.qrtrc.com/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers
date: Fri, 20 May 2022 05:04:24 GMT
content-encoding: gzip
last-modified: Thu, 19 May 2022 09:22:00 GMT
server: nginx
etag: W/"62860c38-7b8"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=43200
strict-transport-security: max-age=31536000
expires: Fri, 20 May 2022 17:04:24 GMT
Resource: 885.4f81da06.js
Path: visa.co.jp.qrtrc.com/js/
Size: 62 KB
x-fer: 25 KB
Type: Script

General
Full URL: https://visa.co.jp.qrtrc.com/js/885.4f81da06.js
Requested by: Host visa.co.jp.qrtrc.com, URL https://visa.co.jp.qrtrc.com/js/app.0a0da6e7.js
Protocol: H2
Security: TLS 1.3, AES_128_GCM
Server: 155.94.144.10, Los Angeles, United States, ASN8100 (ASN-QUADRANET-GLOBAL, US)
Reverse DNS: 155.94.144.10.static.quadranet.com
Software: nginx
Resource Hash: d54fed3e92612586cf49c90fa63dd615a74eed4f12e4c2f7fce4b1963cae31d3
Security Headers: Strict-Transport-Security: max-age=31536000

Request headers
accept-language: jp-JP,jp;q=0.9
Referer: https://visa.co.jp.qrtrc.com/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers
date: Fri, 20 May 2022 05:04:25 GMT
content-encoding: gzip
last-modified: Thu, 19 May 2022 09:22:17 GMT
server: nginx
etag: W/"62860c49-f774"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=43200
strict-transport-security: max-age=31536000
expires: Fri, 20 May 2022 17:04:25 GMT
Resource: 403.d1796853.css
Path: visa.co.jp.qrtrc.com/css/
Size: 1 KB
x-fer: 715 B
Type: Stylesheet

General
Full URL: https://visa.co.jp.qrtrc.com/css/403.d1796853.css
Requested by: Host visa.co.jp.qrtrc.com, URL https://visa.co.jp.qrtrc.com/js/app.0a0da6e7.js
Protocol: H2
Security: TLS 1.3, AES_128_GCM
Server: 155.94.144.10, Los Angeles, United States, ASN8100 (ASN-QUADRANET-GLOBAL, US)
Reverse DNS: 155.94.144.10.static.quadranet.com
Software: nginx
Resource Hash: ce0b56c0170892cf224af14b629e494e5a0106250182e4540810046ad45fef1f
Security Headers: Strict-Transport-Security: max-age=31536000

Request headers
accept-language: jp-JP,jp;q=0.9
Referer: https://visa.co.jp.qrtrc.com/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers
date: Fri, 20 May 2022 05:04:25 GMT
content-encoding: gzip
last-modified: Thu, 19 May 2022 09:22:00 GMT
server: nginx
etag: W/"62860c38-545"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=43200
strict-transport-security: max-age=31536000
expires: Fri, 20 May 2022 17:04:25 GMT
Resource: 403.8a532e36.js
Path: visa.co.jp.qrtrc.com/js/
Size: 4 KB
x-fer: 2 KB
Type: Script

General
Full URL: https://visa.co.jp.qrtrc.com/js/403.8a532e36.js
Requested by: Host visa.co.jp.qrtrc.com, URL https://visa.co.jp.qrtrc.com/js/app.0a0da6e7.js
Protocol: H2
Security: TLS 1.3, AES_128_GCM
Server: 155.94.144.10, Los Angeles, United States, ASN8100 (ASN-QUADRANET-GLOBAL, US)
Reverse DNS: 155.94.144.10.static.quadranet.com
Software: nginx
Resource Hash: 3ec96f1dd5f9994912f053027b22e6607738cc9ff1edd09b1c55aee3eca77b13
Security Headers: Strict-Transport-Security: max-age=31536000

Request headers
accept-language: jp-JP,jp;q=0.9
Referer: https://visa.co.jp.qrtrc.com/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers
date: Fri, 20 May 2022 05:04:25 GMT
content-encoding: gzip
last-modified: Thu, 19 May 2022 09:22:17 GMT
server: nginx
etag: W/"62860c49-103c"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=43200
strict-transport-security: max-age=31536000
expires: Fri, 20 May 2022 17:04:25 GMT
Resource: truncated (inline data: URI)
Path: /
Size: 3 KB
x-fer: 0
Type: Image

General
Full URL: data:truncated
Protocol: DATA
Server: -
Reverse DNS: -
Software: -
Resource Hash: c9953101beaf3aa72e1abcdfafe3dfdbcc73bf08817968ccd112008facaaa5f6

Request headers
accept-language: jp-JP,jp;q=0.9
Referer: -
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers
Content-Type: image/png

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Visa (Financial)

5 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object    oncontextlost
object    oncontextrestored
function  structuredClone
function  getScreenDetails
object    webpackChunk_2022_5_18

0 Cookies

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header                     Value
Strict-Transport-Security  max-age=31536000