login-micard.co.jp.thdcaz.jp Open in urlscan Pro
34.65.130.138 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://login-micard.co.jp.thdcaz.jp/
Submission: On June 21 via api (June 21st 2022, 8:05:04 pm UTC) from JP — Scanned from JP

Summary HTTP 98 Redirects Links 53 Behaviour Indicators

Summary

This website contacted 23 IPs in 4 countries across 18 domains to perform 98 HTTP transactions. The main IP is 34.65.130.138, located in Zurich, Switzerland and belongs to GOOGLE-CLOUD-PLATFORM, US. The main domain is login-micard.co.jp.thdcaz.jp.
TLS certificate: Issued by R3 on June 21st 2022. Valid for: 3 months.

This is the only time login-micard.co.jp.thdcaz.jp was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Micard (Financial)

Domain & IP information

	IP Address	AS Autonomous System
71	34.65.130.138 34.65.130.138	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	2404:6800:400... 2404:6800:4004:820::2004	15169 (GOOGLE) (GOOGLE)
2	2404:6800:400... 2404:6800:4004:80a::2003	15169 (GOOGLE) (GOOGLE)
1	2600:9000:206... 2600:9000:2066:e00:8:dcbf:c740:93a1	16509 (AMAZON-02) (AMAZON-02)
1	183.79.255.12 183.79.255.12	24572 (YAHOO-JP-...) (YAHOO-JP-AS-AP Yahoo Japan)
1	35.77.238.223 35.77.238.223	16509 (AMAZON-02) (AMAZON-02)
1	13.225.165.65 13.225.165.65	16509 (AMAZON-02) (AMAZON-02)
2	2a03:2880:f00... 2a03:2880:f00f:8:face:b00c:0:1	32934 (FACEBOOK) (FACEBOOK)
1	23.40.192.153 23.40.192.153	16625 (AKAMAI-AS) (AKAMAI-AS)
1	23.44.52.35 23.44.52.35	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	54.95.98.145 54.95.98.145	16509 (AMAZON-02) (AMAZON-02)
1	183.79.219.124 183.79.219.124	24572 (YAHOO-JP-...) (YAHOO-JP-AS-AP Yahoo Japan)
1	54.65.24.54 54.65.24.54	16509 (AMAZON-02) (AMAZON-02)
1	23.44.51.185 23.44.51.185	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	65.9.42.128 65.9.42.128	16509 (AMAZON-02) (AMAZON-02)
1	54.64.36.72 54.64.36.72	16509 (AMAZON-02) (AMAZON-02)
1	2600:140b:400... 2600:140b:400:19d::322	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	147.92.191.92 147.92.191.92	38631 (LINE LINE...) (LINE LINE Corporation)
1	2404:6800:400... 2404:6800:4004:821::2008	15169 (GOOGLE) (GOOGLE)
1	23.32.13.178 23.32.13.178	16625 (AKAMAI-AS) (AKAMAI-AS)
2	2404:6800:400... 2404:6800:4004:823::200e	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f10... 2a03:2880:f10f:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
98	23

71 34.65.130.138 (Zurich, Switzerland)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 138.130.65.34.bc.googleusercontent.com

login-micard.co.jp.thdcaz.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2404:6800:4004:820::2004 (Australia)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2404:6800:4004:80a::2003 (Australia)

ASN15169 (GOOGLE, US)

www.google.co.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2066:e00:8:dcbf:c740:93a1 (United States)

ASN16509 (AMAZON-02, US)

s.yjtag.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 183.79.255.12 (Japan)

ASN24572 (YAHOO-JP-AS-AP Yahoo Japan, JP)

b97.yahoo.co.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.77.238.223 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-77-238-223.ap-northeast-1.compute.amazonaws.com

digi-tag.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.225.165.65 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-165-65.nrt12.r.cloudfront.net

cdn.userdive.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f00f:8:face:b00c:0:1 (Tokyo, Japan)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.40.192.153 (Tokyo, Japan)

ASN16625 (AKAMAI-AS, US)
PTR: a23-40-192-153.deploy.static.akamaitechnologies.com

d.line-scdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.44.52.35 (Tokyo, Japan)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-44-52-35.deploy.static.akamaitechnologies.com

cdn.smartnews-ads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.95.98.145 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-95-98-145.ap-northeast-1.compute.amazonaws.com

infra.contentanalytics.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 183.79.219.124 (Japan)

ASN24572 (YAHOO-JP-AS-AP Yahoo Japan, JP)

b92.yahoo.co.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.65.24.54 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-65-24-54.ap-northeast-1.compute.amazonaws.com

yjtag.yahoo.co.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.44.51.185 (Tokyo, Japan)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-44-51-185.deploy.static.akamaitechnologies.com

www2.micard.co.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.42.128 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-42-128.nrt12.r.cloudfront.net

assets.withdesk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.64.36.72 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-64-36-72.ap-northeast-1.compute.amazonaws.com

i.smartnews-ads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:140b:400:19d::322 (Tokyo, Japan)

ASN20940 (AKAMAI-ASN1, NL)

addressable-user-assets.smartnews-ads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 147.92.191.92 (Japan)

ASN38631 (LINE LINE Corporation, JP)

tr.line.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4004:821::2008 (Australia)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.32.13.178 (Tokyo, Japan)

ASN16625 (AKAMAI-AS, US)
PTR: a23-32-13-178.deploy.static.akamaitechnologies.com

d.adlpo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2404:6800:4004:823::200e (Australia)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f10f:83:face:b00c:0:25de (Tokyo, Japan)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
71	thdcaz.jp login-micard.co.jp.thdcaz.jp	826 KB
3	smartnews-ads.com cdn.smartnews-ads.com — Cisco Umbrella Rank: 62822 i.smartnews-ads.com — Cisco Umbrella Rank: 70125 addressable-user-assets.smartnews-ads.com — Cisco Umbrella Rank: 72799	3 KB
3	yahoo.co.jp b97.yahoo.co.jp — Cisco Umbrella Rank: 25177 b92.yahoo.co.jp — Cisco Umbrella Rank: 17254 yjtag.yahoo.co.jp — Cisco Umbrella Rank: 18660	1 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 91	497 B
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 60	20 KB
2	line.me tr.line.me — Cisco Umbrella Rank: 14695	850 B
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 158	109 KB
2	google.co.jp www.google.co.jp — Cisco Umbrella Rank: 15592	656 B
2	google.com www.google.com — Cisco Umbrella Rank: 9	656 B
1	adlpo.com d.adlpo.com — Cisco Umbrella Rank: 210594	14 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 96	69 KB
1	withdesk.com assets.withdesk.com — Cisco Umbrella Rank: 804495
1	micard.co.jp www2.micard.co.jp	6 KB
1	contentanalytics.jp infra.contentanalytics.jp	286 B
1	line-scdn.net d.line-scdn.net — Cisco Umbrella Rank: 11589	10 KB
1	userdive.com cdn.userdive.com
1	digi-tag.net digi-tag.net — Cisco Umbrella Rank: 743999	2 KB
1	yjtag.jp s.yjtag.jp — Cisco Umbrella Rank: 21180	13 KB
98	18

	Domain	Requested by
71	login-micard.co.jp.thdcaz.jp	login-micard.co.jp.thdcaz.jp
2	www.facebook.com	login-micard.co.jp.thdcaz.jp
2	www.google-analytics.com	login-micard.co.jp.thdcaz.jp www.google-analytics.com
2	tr.line.me	login-micard.co.jp.thdcaz.jp
2	connect.facebook.net	login-micard.co.jp.thdcaz.jp connect.facebook.net
2	www.google.co.jp	login-micard.co.jp.thdcaz.jp
2	www.google.com	login-micard.co.jp.thdcaz.jp
1	d.adlpo.com	login-micard.co.jp.thdcaz.jp
1	www.googletagmanager.com	login-micard.co.jp.thdcaz.jp
1	addressable-user-assets.smartnews-ads.com	login-micard.co.jp.thdcaz.jp
1	i.smartnews-ads.com	login-micard.co.jp.thdcaz.jp
1	assets.withdesk.com	login-micard.co.jp.thdcaz.jp
1	www2.micard.co.jp	login-micard.co.jp.thdcaz.jp
1	yjtag.yahoo.co.jp	login-micard.co.jp.thdcaz.jp
1	b92.yahoo.co.jp	login-micard.co.jp.thdcaz.jp
1	infra.contentanalytics.jp	login-micard.co.jp.thdcaz.jp
1	cdn.smartnews-ads.com	login-micard.co.jp.thdcaz.jp
1	d.line-scdn.net	login-micard.co.jp.thdcaz.jp
1	cdn.userdive.com	login-micard.co.jp.thdcaz.jp
1	digi-tag.net	login-micard.co.jp.thdcaz.jp
1	b97.yahoo.co.jp	login-micard.co.jp.thdcaz.jp
1	s.yjtag.jp	login-micard.co.jp.thdcaz.jp
98	22

This site contains links to these domains. Also see Links.

Domain
www2.micard.co.jp
insurance.micard.co.jp
www1.micard.co.jp
www.imhds.co.jp
privacymark.jp

Subject Issuer	Validity	Valid
login-micard.co.jp.thdcaz.jp R3	`2022-06-21` - `2022-09-19`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
*.google.co.jp GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
*.tgm.yahoo-net.jp Cybertrust Japan SureServer CA G4	`2022-03-07` - `2023-04-06`	a year	crt.sh
mscedge01.yahoo.co.jp Cybertrust Japan SureServer CA G4	`2022-04-25` - `2023-05-24`	a year	crt.sh
digi-tag.net Amazon	`2021-12-07` - `2023-01-04`	a year	crt.sh
userdive.com Amazon	`2021-10-21` - `2022-11-19`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-03-31` - `2022-06-29`	3 months	crt.sh
line-apps.com DigiCert TLS RSA SHA256 2020 CA1	`2022-03-10` - `2023-03-11`	a year	crt.sh
*.smartnews-ads.com DigiCert TLS RSA SHA256 2020 CA1	`2022-05-14` - `2023-05-17`	a year	crt.sh
contentanalytics.jp Amazon	`2021-08-30` - `2022-09-28`	a year	crt.sh
edge01.yahoo.co.jp Cybertrust Japan SureServer CA G4	`2022-05-10` - `2023-06-09`	a year	crt.sh
yjtag.yahoo.co.jp Cybertrust Japan SureServer CA G4	`2022-02-02` - `2023-03-01`	a year	crt.sh
www.micard.co.jp Cybertrust Japan SureServer EV CA G3	`2021-12-27` - `2022-12-01`	a year	crt.sh
assets.withdesk.com Amazon	`2022-04-16` - `2023-05-15`	a year	crt.sh
*.line.me GlobalSign RSA OV SSL CA 2018	`2020-06-17` - `2022-09-05`	2 years	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
*.adlpo.com DigiCert ECC Secure Server CA	`2022-02-22` - `2023-02-22`	a year	crt.sh

This page contains 3 frames:

Primary Page: https://login-micard.co.jp.thdcaz.jp/
Frame ID: DBAFA2A3E7381736CE6022515DD9237B
Requests: 97 HTTP requests in this frame

Frame: https://login-micard.co.jp.thdcaz.jp/index/pixel_002.html
Frame ID: EDDE95AE5681A5C90A2778C269572EF6
Requests: 1 HTTP requests in this frame

Frame: https://login-micard.co.jp.thdcaz.jp/index/pixel_002.html
Frame ID: 3364872599CC3E44CC3FD852F3662DF5
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

マイページにログイン