www.weblogon.biz Open in urlscan Pro
18.177.220.3 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://rinkaisystem-ht.com/
Effective URL:
https://www.weblogon.biz/604761/usbchk_script.php
Submission Tags: falconsandbox
Submission: On December 07 via api (December 7th 2021, 11:51:50 pm UTC) from US — Scanned from JP

Summary HTTP 3 Redirects Behaviour Indicators

Summary

This website contacted 3 IPs in 1 countries across 3 domains to perform 3 HTTP transactions. The main IP is 18.177.220.3, located in Tokyo, Japan and belongs to AMAZON-02, US. The main domain is www.weblogon.biz.
TLS certificate: Issued by Sectigo RSA Organization Validation S... on November 24th 2021. Valid for: a year.

This is the only time www.weblogon.biz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	118.21.49.49 118.21.49.49	4713 (OCN NTT C...) (OCN NTT Communications Corporation)
1	18.177.220.3 18.177.220.3	16509 (AMAZON-02) (AMAZON-02)
3	3

1 118.21.49.49 (Taito, Japan)

ASN4713 (OCN NTT Communications Corporation, JP)
PTR: i118-21-49-49.s30.a048.ap.plala.or.jp

rinkaisystem-ht.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.177.220.3 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-177-220-3.ap-northeast-1.compute.amazonaws.com

www.weblogon.biz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
1	weblogon.biz www.weblogon.biz	9 KB
1	rinkaisystem-ht.com rinkaisystem-ht.com	878 B
0	Failed function sub() { [native code] }. Failed
3	3

	Domain	Requested by
1	www.weblogon.biz
1	rinkaisystem-ht.com
0	127.0.0.1 Failed	www.weblogon.biz
3	3

This site contains no links.

Subject Issuer	Validity	Valid
www.weblogon.biz Sectigo RSA Organization Validation Secure Server CA	`2021-11-24` - `2022-12-25`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://www.weblogon.biz/604761/usbchk_script.php
Frame ID: 52C8D81A336DE84A725E48EA30B07D6D
Requests: 2 HTTP requests in this frame

Frame: https://127.0.0.1:8097/?site=https://www.weblogon.biz/604761/usbchk_script.php&ssid=3in2fjvab82c3oahpebd0cd664&data1=60c5f2af3528e0401c050ff1e9d1f1f5&action=clientOk
Frame ID: 6F134278F3A64D4815DA0364B0CF5C2B
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

ＵＳＢキー認証

Page URL History Show full URLs

http://rinkaisystem-ht.com/ Page URL
https://www.weblogon.biz/604761/usbchk_script.php Page URL

Page Statistics

3
Requests

33 %
HTTPS

0 %
IPv6

3
Domains

3
Subdomains

3
IPs

1
Countries

10 kB
Transfer

9 kB
Size

3
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://rinkaisystem-ht.com/ Page URL
https://www.weblogon.biz/604761/usbchk_script.php Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

3 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	/ Show response rinkaisystem-ht.com/	709 B 878 B	966ms 811ms	Document text/html	118.21.49.49 OCN NTT Communica...
General Check archive.org Show headers Download Go to Full URL http://rinkaisystem-ht.com/ Protocol HTTP/1.1 Server 118.21.49.49 Taito, Japan, ASN4713 (OCN NTT Communications Corporation, JP), Reverse DNS i118-21-49-49.s30.a048.ap.plala.or.jp Software Apache-Coyote/1.1 / PHP/7.1.33 Resource Hash `7514b6a50d7f5b59544d04a6f0bfa1cfe25864f6246d60b62405cee83b150d9c` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Accept-Language jp-JP,jp;q=0.9 Response headers Server Apache-Coyote/1.1 X-Powered-By PHP/7.1.33 Content-Type text/html;charset=UTF-8 Content-Length 709 Date Tue, 07 Dec 2021 23:51:45 GMT
POST H/1.1	200 OK	Primary Request usbchk_script.php Show response www.weblogon.biz/604761/	8 KB 9 KB	65ms 7ms	Document text/html	18.177.220.3 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://www.weblogon.biz/604761/usbchk_script.php Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 18.177.220.3 Tokyo, Japan, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-177-220-3.ap-northeast-1.compute.amazonaws.com Software Apache/2.2.31 (Amazon) / PHP/5.3.29 Resource Hash `5a3c05cd2195249b0e0008730c3dde0d1ea821841e2e71a077ef2d5bbf893bc9` Request headers Upgrade-Insecure-Requests 1 Origin http://rinkaisystem-ht.com Content-Type application/x-www-form-urlencoded User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Accept-Language jp-JP,jp;q=0.9 Referer http://rinkaisystem-ht.com/ Response headers Cache-Control no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Cache-control no-cache="set-cookie" Content-Language jp Content-Type text/html; charset=Shift_JIS Date Tue, 07 Dec 2021 23:51:45 GMT Expires Thu, 19 Nov 1981 08:52:00 GMT Pragma no-cache Server Apache/2.2.31 (Amazon) X-Powered-By PHP/5.3.29 transfer-encoding chunked Connection keep-alive
GET		/ 127.0.0.1/ Frame 6F13	0 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: 127.0.0.1
URL: https://127.0.0.1:8097/?site=https://www.weblogon.biz/604761/usbchk_script.php&ssid=3in2fjvab82c3oahpebd0cd664&data1=60c5f2af3528e0401c050ff1e9d1f1f5&action=clientOk

Verdicts & Comments Add Verdict or Comment

17 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.weblogon.biz/	1969-12-31 23:59:59	Name: PHPSESSID Value: 3in2fjvab82c3oahpebd0cd664
www.weblogon.biz/	1970-01-19 23:15:21	Name: AWSELB Value: 61F5413C901BC06382E6ED077EAF1F3819D3D51ED75C460BE3CA31C4B3094C22D1BE024581AFE7389CEE11BE96D46CAAB04A8342FCEEAB5A248F59C04AC99F37ACD40DFB
www.weblogon.biz/	1970-01-19 23:15:21	Name: AWSELBCORS Value: 61F5413C901BC06382E6ED077EAF1F3819D3D51ED75C460BE3CA31C4B3094C22D1BE024581AFE7389CEE11BE96D46CAAB04A8342FCEEAB5A248F59C04AC99F37ACD40DFB

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

127.0.0.1
rinkaisystem-ht.com
www.weblogon.biz
127.0.0.1
118.21.49.49
18.177.220.3
5a3c05cd2195249b0e0008730c3dde0d1ea821841e2e71a077ef2d5bbf893bc9
7514b6a50d7f5b59544d04a6f0bfa1cfe25864f6246d60b62405cee83b150d9c

www.weblogon.biz Open in urlscan Pro 18.177.220.3 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

3 Requests

33 %HTTPS

0 %IPv6

3 Domains

3 Subdomains

3 IPs

1 Countries

10 kBTransfer

9 kBSize

3 Cookies

0 Outgoing links

Page URL History

Redirected requests

3 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

17 JavaScript Global Variables

3 Cookies

Indicators

www.weblogon.biz Open in urlscan Pro
18.177.220.3 Public Scan

Screenshot
Live screenshot

Full Image

3
Requests

33 %
HTTPS

0 %
IPv6

3
Domains

3
Subdomains

3
IPs

1
Countries

10 kB
Transfer

9 kB
Size

3
Cookies

3 HTTP transactions
0 data transactions