lyfyhzs.com Open in urlscan Pro
45.192.178.182 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://lyfyhzs.com/
Effective URL:
https://lyfyhzs.com/client/login
Submission: On July 04 via manual (July 4th 2024, 9:34:33 pm UTC) from JP — Scanned from JP

Summary HTTP 23 Redirects Behaviour Indicators

Summary

This website contacted 3 IPs in 2 countries across 3 domains to perform 23 HTTP transactions. The main IP is 45.192.178.182, located in Hong Kong, Hong Kong and belongs to CHANGLIAN-AS-AP ChangLian Network Technology Co., Limited, HK. The main domain is lyfyhzs.com.
TLS certificate: Issued by R10 on July 3rd 2024. Valid for: 3 months.

This is the only time lyfyhzs.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: ETC (Transportation)

Domain & IP information

	IP Address	AS Autonomous System
1 10	45.192.178.182 45.192.178.182	137443 (CHANGLIAN...) (CHANGLIAN-AS-AP ChangLian Network Technology Co.)
13	202.211.207.13 202.211.207.13	4725 (ODN SoftB...) (ODN SoftBank Corp.)
1	163.43.157.87 163.43.157.87	9370 (SAKURA-B ...) (SAKURA-B SAKURA Internet Inc.)
23	3

10 45.192.178.182 (Hong Kong, Hong Kong) 1 redirects

ASN137443 (CHANGLIAN-AS-AP ChangLian Network Technology Co., Limited, HK)

lyfyhzs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 202.211.207.13 (Japan)

ASN4725 (ODN SoftBank Corp., JP)
PTR: www2.etc-meisai.jp

www2.etc-meisai.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 163.43.157.87 (Takasago, Japan)

ASN9370 (SAKURA-B SAKURA Internet Inc., JP)

www.etc-plaza.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
13	etc-meisai.jp www2.etc-meisai.jp	27 KB
10	lyfyhzs.com 1 redirects lyfyhzs.com	211 KB
1	etc-plaza.jp www.etc-plaza.jp	10 KB
23	3

	Domain	Requested by
13	www2.etc-meisai.jp	lyfyhzs.com www2.etc-meisai.jp
10	lyfyhzs.com	1 redirects lyfyhzs.com
1	www.etc-plaza.jp	lyfyhzs.com
23	3

This site contains no links.

Subject Issuer	Validity	Valid
xfsktv.com R10	`2024-07-03` - `2024-10-01`	3 months	crt.sh
www2.etc-meisai.jp DigiCert TLS RSA SHA256 2020 CA1	`2024-01-05` - `2025-01-24`	a year	crt.sh
www.etc-plaza.jp GeoTrust TLS RSA CA G1	`2023-12-08` - `2025-01-07`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://lyfyhzs.com/client/login
Frame ID: 5DFF4C8A12A093F5569443A5CCD971C3
Requests: 23 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

ＥＴＣ利用照会サービス

Page URL History Show full URLs

https://lyfyhzs.com/ HTTP 302
https://lyfyhzs.com/client/login Page URL

Detected technologies

Vue.js (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

(?:/([\d.]+))?/vue(?:\.min)?\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

23
Requests

100 %
HTTPS

0 %
IPv6

3
Domains

3
Subdomains

3
IPs

2
Countries

248 kB
Transfer

682 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://lyfyhzs.com/ HTTP 302
https://lyfyhzs.com/client/login Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

23 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request login Show response
lyfyhzs.com/client/
Redirect Chain

https://lyfyhzs.com/
https://lyfyhzs.com/client/login

21 KB
4 KB

183ms
183ms

Document
text/html

45.192.178.182
CHANGLIAN-AS-AP C...

General

Check archive.org

Show headers Download Go to

Full URL: https://lyfyhzs.com/client/login
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.192.178.182 Hong Kong, Hong Kong, ASN137443 (CHANGLIAN-AS-AP ChangLian Network Technology Co., Limited, HK),
Reverse DNS
Software: nginx / Express
Resource Hash: 3f3e180e10fc468e614dc35d49ef7f7d8359f8c9901b4025fe17b2e03892ab38

Request headers

Accept-Language: ja-JP,ja;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) CriOS/92.0.4515.90 Mobile/15E148 Safari/604.1

Response headers

access-control-allow-headers: *
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-origin: *
access-control-max-age: 2592000
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Thu, 04 Jul 2024 21:34:18 GMT
etag: W/"54f2-1xy7H9+Yvl7t+bG4BfCqV9+EnUU"
server: nginx
vary: Accept-Encoding
x-cache: MISS
x-powered-by: Express

Redirect headers

access-control-allow-headers: *
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-origin: *
access-control-max-age: 2592000
content-length: 70
content-type: text/html; charset=utf-8
date: Thu, 04 Jul 2024 21:34:18 GMT
location: /client/login
server: nginx
vary: Accept
x-cache: MISS
x-powered-by: Express

GET
H/1.1 200
OK common.css
www2.etc-meisai.jp/etcris/css/ 15 KB
15 KB 237ms
52ms Stylesheet
text/css 202.211.207.13
ODN SoftBank Corp.

General

Check archive.org

Show headers Download Go to

Full URL: https://www2.etc-meisai.jp/etcris/css/common.css?r=13.40
Requested by: Host: lyfyhzs.com
URL: https://lyfyhzs.com/client/login
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 202.211.207.13 , Japan, ASN4725 (ODN SoftBank Corp., JP),
Reverse DNS: www2.etc-meisai.jp
Software: /
Resource Hash: 0caa2560930249a14df090e283fde548488087ce233fa235e8cb85ee53fed369

Request headers

Accept-Language: ja-JP,ja;q=0.9;q=0.9
Referer: https://lyfyhzs.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) CriOS/92.0.4515.90 Mobile/15E148 Safari/604.1

Response headers

Date: Thu, 04 Jul 2024 21:34:02 GMT
Last-Modified: Thu, 21 Apr 2022 01:49:33 GMT
Connection: close
Accept-Ranges: bytes
ETag: "3bc9-5dd20524ca540"
Content-Length: 15305
Content-Type: text/css

GET
H/1.1 200
OK sp_mei.css
www.etc-plaza.jp/css/ 10 KB
10 KB 190ms
67ms Stylesheet
text/css 163.43.157.87
SAKURA-B SAKURA I...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.etc-plaza.jp/css/sp_mei.css

Requested by

Host: lyfyhzs.com
URL: https://lyfyhzs.com/client/login

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

163.43.157.87 Takasago, Japan, ASN9370 (SAKURA-B SAKURA Internet Inc., JP),

Reverse DNS

Software

nginx /

Resource Hash

57b6029f2568d11e3c7600f30e0309ae998a9e9939b1e4d5b56ce84b782054ab

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

Accept-Language: ja-JP,ja;q=0.9;q=0.9
Referer: https://lyfyhzs.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) CriOS/92.0.4515.90 Mobile/15E148 Safari/604.1

Response headers

Date: Thu, 04 Jul 2024 21:34:02 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Last-Modified: Thu, 10 Mar 2022 08:09:18 GMT
Server: nginx
ETag: "6229b22e-287e"
X-Frame-Options: SAMEORIGIN
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 10366
X-XSS-Protection: 1;mode=block

GET
H2 200 loading.css
lyfyhzs.com/static/public/css/ 321 B
628 B 53ms
48ms Stylesheet
text/css 45.192.178.182
CHANGLIAN-AS-AP C...

General

Check archive.org

Show headers Download Go to

Full URL: https://lyfyhzs.com/static/public/css/loading.css
Requested by: Host: lyfyhzs.com
URL: https://lyfyhzs.com/client/login
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.192.178.182 Hong Kong, Hong Kong, ASN137443 (CHANGLIAN-AS-AP ChangLian Network Technology Co., Limited, HK),
Reverse DNS
Software: nginx / Express
Resource Hash: 4c35ce2490955c47d38d6d6938380b8df6dfcc737340569e1946547575e2b112

Request headers

Accept-Language: ja-JP,ja;q=0.9;q=0.9
Referer: https://lyfyhzs.com/client/login
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) CriOS/92.0.4515.90 Mobile/15E148 Safari/604.1

Response headers

date: Thu, 04 Jul 2024 21:34:18 GMT
last-modified: Fri, 05 Apr 2024 11:17:34 GMT
server: nginx
x-powered-by: Express
etag: W/"141-18eadfa6d8a"
access-control-max-age: 2592000
access-control-allow-methods: GET,POST,OPTIONS
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
x-cache: MISS
cache-control: public, max-age=0
accept-ranges: bytes
access-control-allow-headers: *
content-length: 321

GET
H2 200 dialog.css
lyfyhzs.com/static/public/css/ 239 B
546 B 53ms
48ms Stylesheet
text/css 45.192.178.182
CHANGLIAN-AS-AP C...

General

Check archive.org

Show headers Download Go to

Full URL: https://lyfyhzs.com/static/public/css/dialog.css
Requested by: Host: lyfyhzs.com
URL: https://lyfyhzs.com/client/login
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.192.178.182 Hong Kong, Hong Kong, ASN137443 (CHANGLIAN-AS-AP ChangLian Network Technology Co., Limited, HK),
Reverse DNS
Software: nginx / Express
Resource Hash: d72a336256ce93fba54f11ef39f1a5939953f97529efece6cc8218707514ba99

Request headers

Accept-Language: ja-JP,ja;q=0.9;q=0.9
Referer: https://lyfyhzs.com/client/login
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) CriOS/92.0.4515.90 Mobile/15E148 Safari/604.1

Response headers

date: Thu, 04 Jul 2024 21:34:18 GMT
last-modified: Thu, 27 Jun 2024 04:18:48 GMT
server: nginx
x-powered-by: Express
etag: W/"ef-19057eade81"
access-control-max-age: 2592000
access-control-allow-methods: GET,POST,OPTIONS
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
x-cache: MISS
cache-control: public, max-age=0
accept-ranges: bytes
access-control-allow-headers: *
content-length: 239

GET
H2 200 publicFunc.js Show response
lyfyhzs.com/static/public/js/ 4 KB
2 KB 53ms
50ms Script
application/javascript 45.192.178.182
CHANGLIAN-AS-AP C...

General

Check archive.org

Show headers Download Go to

Full URL: https://lyfyhzs.com/static/public/js/publicFunc.js
Requested by: Host: lyfyhzs.com
URL: https://lyfyhzs.com/client/login
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.192.178.182 Hong Kong, Hong Kong, ASN137443 (CHANGLIAN-AS-AP ChangLian Network Technology Co., Limited, HK),
Reverse DNS
Software: nginx / Express
Resource Hash: 7e9064f9ab583f3f677d29a623a571ed1eb28e871c17cce6a3772ceff71905cb

Request headers

Accept-Language: ja-JP,ja;q=0.9;q=0.9
Referer: https://lyfyhzs.com/client/login
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) CriOS/92.0.4515.90 Mobile/15E148 Safari/604.1

Response headers

date: Thu, 04 Jul 2024 21:34:18 GMT
content-encoding: gzip
last-modified: Thu, 27 Jun 2024 02:33:24 GMT
server: nginx
x-powered-by: Express
etag: W/"e05-190578a5fee"
vary: Accept-Encoding
access-control-allow-methods: GET,POST,OPTIONS
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-cache: MISS
access-control-max-age: 2592000
cache-control: public, max-age=0
access-control-allow-headers: *

GET
H/1.1 200
OK alert.gif
www2.etc-meisai.jp/etcris/images/ 182 B
397 B 238ms
55ms Image
image/gif 202.211.207.13
ODN SoftBank Corp.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www2.etc-meisai.jp/etcris/images/alert.gif
Requested by: Host: lyfyhzs.com
URL: https://lyfyhzs.com/client/login
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 202.211.207.13 , Japan, ASN4725 (ODN SoftBank Corp., JP),
Reverse DNS: www2.etc-meisai.jp
Software: /
Resource Hash: 5bb48abaafbc721f2e765deabf2bdd43659079d8dad1853aaefa212265fe83fa

Request headers

Accept-Language: ja-JP,ja;q=0.9;q=0.9
Referer: https://lyfyhzs.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) CriOS/92.0.4515.90 Mobile/15E148 Safari/604.1

Response headers

Date: Thu, 04 Jul 2024 21:34:02 GMT
Last-Modified: Tue, 11 Aug 2009 07:37:00 GMT
Connection: close
Accept-Ranges: bytes
ETag: "b6-470d8c4921f00"
Content-Length: 182
Content-Type: image/gif

GET
H/1.1 200
OK head_etc_logo.gif
www2.etc-meisai.jp/etcris/images/ 1020 B
1 KB 236ms
54ms Image
image/gif 202.211.207.13
ODN SoftBank Corp.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www2.etc-meisai.jp/etcris/images/head_etc_logo.gif
Requested by: Host: lyfyhzs.com
URL: https://lyfyhzs.com/client/login
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 202.211.207.13 , Japan, ASN4725 (ODN SoftBank Corp., JP),
Reverse DNS: www2.etc-meisai.jp
Software: /
Resource Hash: 7d1c425ab87390fa62f0b924e95453ba0c95e4a40a724eca66a1bca47178680b

Request headers

Accept-Language: ja-JP,ja;q=0.9;q=0.9
Referer: https://lyfyhzs.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) CriOS/92.0.4515.90 Mobile/15E148 Safari/604.1

Response headers

Date: Thu, 04 Jul 2024 21:34:02 GMT
Last-Modified: Mon, 25 Jul 2011 09:48:32 GMT
Connection: close
Accept-Ranges: bytes
ETag: "3fc-4a8e1b7d2dc00"
Content-Length: 1020
Content-Type: image/gif

GET
H/1.1 200
OK head_title.gif
www2.etc-meisai.jp/etcris/images/ 2 KB
2 KB 202ms
89ms Image
image/gif 202.211.207.13
ODN SoftBank Corp.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www2.etc-meisai.jp/etcris/images/head_title.gif
Requested by: Host: lyfyhzs.com
URL: https://lyfyhzs.com/client/login
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 202.211.207.13 , Japan, ASN4725 (ODN SoftBank Corp., JP),
Reverse DNS: www2.etc-meisai.jp
Software: /
Resource Hash: 706aad4ccfa4f04be2b24b09d832c00391612ae50fd44ee76e819b70c9f4d973

Request headers

Accept-Language: ja-JP,ja;q=0.9;q=0.9
Referer: https://lyfyhzs.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) CriOS/92.0.4515.90 Mobile/15E148 Safari/604.1

Response headers

Date: Thu, 04 Jul 2024 21:34:03 GMT
Last-Modified: Mon, 05 Sep 2011 06:55:00 GMT
Connection: close
Accept-Ranges: bytes
ETag: "900-4ac2c308e1900"
Content-Length: 2304
Content-Type: image/gif

GET
H/1.1 200
OK contents_upper.jpg
www2.etc-meisai.jp/etcris/images/ 1 KB
1 KB 201ms
84ms Image
image/jpeg 202.211.207.13
ODN SoftBank Corp.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www2.etc-meisai.jp/etcris/images/contents_upper.jpg
Requested by: Host: lyfyhzs.com
URL: https://lyfyhzs.com/client/login
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 202.211.207.13 , Japan, ASN4725 (ODN SoftBank Corp., JP),
Reverse DNS: www2.etc-meisai.jp
Software: /
Resource Hash: fd7d935b2e3b5498bb28e02eedab29aeb8bfa537f988aceb123b36858a6410e7

Request headers

Accept-Language: ja-JP,ja;q=0.9;q=0.9
Referer: https://lyfyhzs.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) CriOS/92.0.4515.90 Mobile/15E148 Safari/604.1

Response headers

Date: Thu, 04 Jul 2024 21:34:03 GMT
Last-Modified: Tue, 08 Sep 2009 02:36:56 GMT
Connection: close
Accept-Ranges: bytes
ETag: "40c-47307d7016200"
Content-Length: 1036
Content-Type: image/jpeg

GET
H/1.1 200
OK linkarrow.gif
www2.etc-meisai.jp/etcris/images/ 77 B
291 B 200ms
83ms Image
image/gif 202.211.207.13
ODN SoftBank Corp.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www2.etc-meisai.jp/etcris/images/linkarrow.gif
Requested by: Host: lyfyhzs.com
URL: https://lyfyhzs.com/client/login
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 202.211.207.13 , Japan, ASN4725 (ODN SoftBank Corp., JP),
Reverse DNS: www2.etc-meisai.jp
Software: /
Resource Hash: 6744a2726319c32bba421c71be01f818dcd09a2b13cb6520d2fdb8cf434d23d3

Request headers

Accept-Language: ja-JP,ja;q=0.9;q=0.9
Referer: https://lyfyhzs.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) CriOS/92.0.4515.90 Mobile/15E148 Safari/604.1

Response headers

Date: Thu, 04 Jul 2024 21:34:03 GMT
Last-Modified: Tue, 08 Sep 2009 02:36:56 GMT
Connection: close
Accept-Ranges: bytes
ETag: "4d-47307d7016200"
Content-Length: 77
Content-Type: image/gif

GET
H/1.1 200
OK pagetop_icon.gif
www2.etc-meisai.jp/etcris/images/ 86 B
300 B 199ms
83ms Image
image/gif 202.211.207.13
ODN SoftBank Corp.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www2.etc-meisai.jp/etcris/images/pagetop_icon.gif
Requested by: Host: lyfyhzs.com
URL: https://lyfyhzs.com/client/login
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 202.211.207.13 , Japan, ASN4725 (ODN SoftBank Corp., JP),
Reverse DNS: www2.etc-meisai.jp
Software: /
Resource Hash: 9b1d0d74215b647aa49e8c25740777357376247016351b0d928c8f5ee52935ee

Request headers

Accept-Language: ja-JP,ja;q=0.9;q=0.9
Referer: https://lyfyhzs.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) CriOS/92.0.4515.90 Mobile/15E148 Safari/604.1

Response headers

Date: Thu, 04 Jul 2024 21:34:03 GMT
Last-Modified: Tue, 08 Sep 2009 02:36:56 GMT
Connection: close
Accept-Ranges: bytes
ETag: "56-47307d7016200"
Content-Length: 86
Content-Type: image/gif

GET
H/1.1 200
OK contents_btm.jpg
www2.etc-meisai.jp/etcris/images/ 1 KB
1 KB 198ms
82ms Image
image/jpeg 202.211.207.13
ODN SoftBank Corp.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www2.etc-meisai.jp/etcris/images/contents_btm.jpg
Requested by: Host: lyfyhzs.com
URL: https://lyfyhzs.com/client/login
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 202.211.207.13 , Japan, ASN4725 (ODN SoftBank Corp., JP),
Reverse DNS: www2.etc-meisai.jp
Software: /
Resource Hash: cc933147666fff38f99511731cc9d54578e387d41d82fedbc6e11635435cffad

Request headers

Accept-Language: ja-JP,ja;q=0.9;q=0.9
Referer: https://lyfyhzs.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) CriOS/92.0.4515.90 Mobile/15E148 Safari/604.1

Response headers

Date: Thu, 04 Jul 2024 21:34:03 GMT
Last-Modified: Tue, 08 Sep 2009 02:36:56 GMT
Connection: close
Accept-Ranges: bytes
ETag: "429-47307d7016200"
Content-Length: 1065
Content-Type: image/jpeg

GET
H/1.1 200
OK head_listmark.gif
www2.etc-meisai.jp/etcris/images/ 223 B
438 B 246ms
103ms Image
image/gif 202.211.207.13
ODN SoftBank Corp.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www2.etc-meisai.jp/etcris/images/head_listmark.gif
Requested by: Host: lyfyhzs.com
URL: https://lyfyhzs.com/client/login
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 202.211.207.13 , Japan, ASN4725 (ODN SoftBank Corp., JP),
Reverse DNS: www2.etc-meisai.jp
Software: /
Resource Hash: e9f21dccc13ca0678430dd66bb38410b00cacfec4fe4de8cdafc0f688906ca2f

Request headers

Accept-Language: ja-JP,ja;q=0.9;q=0.9
Referer: https://lyfyhzs.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) CriOS/92.0.4515.90 Mobile/15E148 Safari/604.1

Response headers

Date: Thu, 04 Jul 2024 21:34:03 GMT
Last-Modified: Tue, 08 Sep 2009 02:36:56 GMT
Connection: close
Accept-Ranges: bytes
ETag: "df-47307d7016200"
Content-Length: 223
Content-Type: image/gif

GET
H2 200 jquery-3.5.1.js Show response
lyfyhzs.com/static/public/js/ 281 KB
97 KB 58ms
55ms Script
application/javascript 45.192.178.182
CHANGLIAN-AS-AP C...

General

Check archive.org

Show headers Download Go to

Full URL: https://lyfyhzs.com/static/public/js/jquery-3.5.1.js
Requested by: Host: lyfyhzs.com
URL: https://lyfyhzs.com/client/login
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.192.178.182 Hong Kong, Hong Kong, ASN137443 (CHANGLIAN-AS-AP ChangLian Network Technology Co., Limited, HK),
Reverse DNS
Software: nginx / Express
Resource Hash: 416a3b2c3bf16d64f6b5b6d0f7b079df2267614dd6847fc2f3271b4409233c37

Request headers

Accept-Language: ja-JP,ja;q=0.9;q=0.9
Referer: https://lyfyhzs.com/client/login
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) CriOS/92.0.4515.90 Mobile/15E148 Safari/604.1

Response headers

date: Thu, 04 Jul 2024 21:34:18 GMT
content-encoding: gzip
last-modified: Wed, 21 Feb 2024 23:12:06 GMT
server: nginx
x-powered-by: Express
etag: W/"4638e-18dcdf0c970"
vary: Accept-Encoding
access-control-allow-methods: GET,POST,OPTIONS
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-cache: MISS
access-control-max-age: 2592000
cache-control: public, max-age=0
access-control-allow-headers: *

GET
H2 200 vue.js Show response
lyfyhzs.com/static/public/js/ 334 KB
104 KB 59ms
55ms Script
application/javascript 45.192.178.182
CHANGLIAN-AS-AP C...

General

Check archive.org

Show headers Download Go to

Full URL: https://lyfyhzs.com/static/public/js/vue.js
Requested by: Host: lyfyhzs.com
URL: https://lyfyhzs.com/client/login
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.192.178.182 Hong Kong, Hong Kong, ASN137443 (CHANGLIAN-AS-AP ChangLian Network Technology Co., Limited, HK),
Reverse DNS
Software: nginx / Express
Resource Hash: 352baa818da109925437a8433057ddc6f91ec48efe88bc5741b2f9e34450fdce

Request headers

Accept-Language: ja-JP,ja;q=0.9;q=0.9
Referer: https://lyfyhzs.com/client/login
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) CriOS/92.0.4515.90 Mobile/15E148 Safari/604.1

Response headers

date: Thu, 04 Jul 2024 21:34:18 GMT
content-encoding: gzip
last-modified: Wed, 21 Feb 2024 23:12:06 GMT
server: nginx
x-powered-by: Express
etag: W/"53882-18dcdf0c970"
vary: Accept-Encoding
access-control-allow-methods: GET,POST,OPTIONS
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-cache: MISS
access-control-max-age: 2592000
cache-control: public, max-age=0
access-control-allow-headers: *

GET
H2 200 options.js Show response
lyfyhzs.com/static/public/js/ 2 KB
766 B 60ms
57ms Script
application/javascript 45.192.178.182
CHANGLIAN-AS-AP C...

General

Check archive.org

Show headers Download Go to

Full URL: https://lyfyhzs.com/static/public/js/options.js
Requested by: Host: lyfyhzs.com
URL: https://lyfyhzs.com/client/login
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.192.178.182 Hong Kong, Hong Kong, ASN137443 (CHANGLIAN-AS-AP ChangLian Network Technology Co., Limited, HK),
Reverse DNS
Software: nginx / Express
Resource Hash: 789e281069ac335fc56448c1afbd48486e81d2034cb28337f082e016d69261c6

Request headers

Accept-Language: ja-JP,ja;q=0.9;q=0.9
Referer: https://lyfyhzs.com/client/login
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) CriOS/92.0.4515.90 Mobile/15E148 Safari/604.1

Response headers

date: Thu, 04 Jul 2024 21:34:18 GMT
content-encoding: gzip
last-modified: Thu, 20 Jun 2024 07:27:50 GMT
server: nginx
x-powered-by: Express
etag: W/"73c-190348b6c64"
vary: Accept-Encoding
access-control-allow-methods: GET,POST,OPTIONS
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-cache: MISS
access-control-max-age: 2592000
cache-control: public, max-age=0
access-control-allow-headers: *

GET
H2 200 login.js Show response
lyfyhzs.com/static/etc/js/ 6 KB
2 KB 62ms
59ms Script
application/javascript 45.192.178.182
CHANGLIAN-AS-AP C...

General

Check archive.org

Show headers Download Go to

Full URL: https://lyfyhzs.com/static/etc/js/login.js
Requested by: Host: lyfyhzs.com
URL: https://lyfyhzs.com/client/login
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.192.178.182 Hong Kong, Hong Kong, ASN137443 (CHANGLIAN-AS-AP ChangLian Network Technology Co., Limited, HK),
Reverse DNS
Software: nginx / Express
Resource Hash: 9f0bed584cf3e3770545a02bc8174e2dd9acd26e48aede5966788fd81a427388

Request headers

Accept-Language: ja-JP,ja;q=0.9;q=0.9
Referer: https://lyfyhzs.com/client/login
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) CriOS/92.0.4515.90 Mobile/15E148 Safari/604.1

Response headers

date: Thu, 04 Jul 2024 21:34:18 GMT
content-encoding: gzip
last-modified: Thu, 27 Jun 2024 02:27:08 GMT
server: nginx
x-powered-by: Express
etag: W/"16ac-1905784a2d6"
vary: Accept-Encoding
access-control-allow-methods: GET,POST,OPTIONS
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-cache: MISS
access-control-max-age: 2592000
cache-control: public, max-age=0
access-control-allow-headers: *

GET
H/1.1 200
OK body_bg.jpg
www2.etc-meisai.jp/etcris/images/ 392 B
609 B 188ms
83ms Image
image/jpeg 202.211.207.13
ODN SoftBank Corp.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www2.etc-meisai.jp/etcris/images/body_bg.jpg
Requested by: Host: www2.etc-meisai.jp
URL: https://www2.etc-meisai.jp/etcris/css/common.css?r=13.40
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 202.211.207.13 , Japan, ASN4725 (ODN SoftBank Corp., JP),
Reverse DNS: www2.etc-meisai.jp
Software: /
Resource Hash: 905b6bc56ec1c7edbc015eb6f4649e68c14bfef0eb61774bc8d3f550c1ff7e25

Request headers

Accept-Language: ja-JP,ja;q=0.9;q=0.9
Referer: https://www2.etc-meisai.jp/etcris/css/common.css?r=13.40
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) CriOS/92.0.4515.90 Mobile/15E148 Safari/604.1

Response headers

Date: Thu, 04 Jul 2024 21:34:03 GMT
Last-Modified: Tue, 08 Sep 2009 02:36:56 GMT
Connection: close
Accept-Ranges: bytes
ETag: "188-47307d7016200"
Content-Length: 392
Content-Type: image/jpeg

GET
H/1.1 200
OK head_bg.gif
www2.etc-meisai.jp/etcris/images/ 904 B
1 KB 233ms
102ms Image
image/gif 202.211.207.13
ODN SoftBank Corp.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www2.etc-meisai.jp/etcris/images/head_bg.gif
Requested by: Host: www2.etc-meisai.jp
URL: https://www2.etc-meisai.jp/etcris/css/common.css?r=13.40
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 202.211.207.13 , Japan, ASN4725 (ODN SoftBank Corp., JP),
Reverse DNS: www2.etc-meisai.jp
Software: /
Resource Hash: 2e84793231dc8da5ea4ed016e36dc88e4081bb9b8605eacd820446d68f7f09be

Request headers

Accept-Language: ja-JP,ja;q=0.9;q=0.9
Referer: https://www2.etc-meisai.jp/etcris/css/common.css?r=13.40
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) CriOS/92.0.4515.90 Mobile/15E148 Safari/604.1

Response headers

Date: Thu, 04 Jul 2024 21:34:03 GMT
Last-Modified: Tue, 08 Sep 2009 02:36:56 GMT
Connection: close
Accept-Ranges: bytes
ETag: "388-47307d7016200"
Content-Length: 904
Content-Type: image/gif

GET
H/1.1 200
OK contents_bg.jpg
www2.etc-meisai.jp/etcris/images/ 378 B
595 B 234ms
74ms Image
image/jpeg 202.211.207.13
ODN SoftBank Corp.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www2.etc-meisai.jp/etcris/images/contents_bg.jpg
Requested by: Host: www2.etc-meisai.jp
URL: https://www2.etc-meisai.jp/etcris/css/common.css?r=13.40
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 202.211.207.13 , Japan, ASN4725 (ODN SoftBank Corp., JP),
Reverse DNS: www2.etc-meisai.jp
Software: /
Resource Hash: 06799e7e4eb5d4da14e1c007241a54d2f429a26a8c19ad91877531792eecd551

Request headers

Accept-Language: ja-JP,ja;q=0.9;q=0.9
Referer: https://www2.etc-meisai.jp/etcris/css/common.css?r=13.40
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) CriOS/92.0.4515.90 Mobile/15E148 Safari/604.1

Response headers

Date: Thu, 04 Jul 2024 21:34:03 GMT
Last-Modified: Tue, 08 Sep 2009 02:36:56 GMT
Connection: close
Accept-Ranges: bytes
ETag: "17a-47307d7016200"
Content-Length: 378
Content-Type: image/jpeg

GET
H/1.1 200
OK foot_bg.gif
www2.etc-meisai.jp/etcris/images/ 2 KB
2 KB 233ms
74ms Image
image/gif 202.211.207.13
ODN SoftBank Corp.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www2.etc-meisai.jp/etcris/images/foot_bg.gif
Requested by: Host: www2.etc-meisai.jp
URL: https://www2.etc-meisai.jp/etcris/css/common.css?r=13.40
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 202.211.207.13 , Japan, ASN4725 (ODN SoftBank Corp., JP),
Reverse DNS: www2.etc-meisai.jp
Software: /
Resource Hash: e583ca603117253a6d29f22c361e59525f9e08d5cace74730fd7c468794d211b

Request headers

Accept-Language: ja-JP,ja;q=0.9;q=0.9
Referer: https://www2.etc-meisai.jp/etcris/css/common.css?r=13.40
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) CriOS/92.0.4515.90 Mobile/15E148 Safari/604.1

Response headers

Date: Thu, 04 Jul 2024 21:34:03 GMT
Last-Modified: Tue, 20 Dec 2011 01:15:32 GMT
Connection: close
Accept-Ranges: bytes
ETag: "787-4b47bcdb4d500"
Content-Length: 1927
Content-Type: image/gif

GET
H2 404 favicon.ico
lyfyhzs.com/ 150 B
407 B 48ms
48ms Other
text/html 45.192.178.182
CHANGLIAN-AS-AP C...

General

Check archive.org

Show headers Download Go to

Full URL

https://lyfyhzs.com/favicon.ico

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

45.192.178.182 Hong Kong, Hong Kong, ASN137443 (CHANGLIAN-AS-AP ChangLian Network Technology Co., Limited, HK),

Reverse DNS

Software

nginx / Express

Resource Hash

6e21162bc64073fe9e3d3d6375ca24d04fed1912a5b7716aac0cb0f2d16fae7c

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'
X-Content-Type-Options	nosniff

Request headers

Accept-Language: ja-JP,ja;q=0.9;q=0.9
Referer: https://lyfyhzs.com/client/login
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) CriOS/92.0.4515.90 Mobile/15E148 Safari/604.1

Response headers

date: Thu, 04 Jul 2024 21:34:19 GMT
content-security-policy: default-src 'none'
x-content-type-options: nosniff
server: nginx
x-powered-by: Express
access-control-max-age: 2592000
access-control-allow-methods: GET,POST,OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: *
access-control-allow-headers: *
content-length: 150

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: ETC (Transportation)

22 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			lyfyhzs.com/	1969-12-31 23:59:59	Name: connect.sid Value: s%3AGIrpDHlZkKIPBeCT4pGIv01uJZwi3TYO.J8o3lwtPI8W13lxDOTGxVVgzj3sC1dOM2zAz3EuSkGA

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
recommendation	verbose	URL: https://lyfyhzs.com/client/login Message: [DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq) %o
network	error	URL: https://lyfyhzs.com/favicon.ico Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

lyfyhzs.com
www.etc-plaza.jp
www2.etc-meisai.jp
163.43.157.87
202.211.207.13
45.192.178.182
06799e7e4eb5d4da14e1c007241a54d2f429a26a8c19ad91877531792eecd551
0caa2560930249a14df090e283fde548488087ce233fa235e8cb85ee53fed369
2e84793231dc8da5ea4ed016e36dc88e4081bb9b8605eacd820446d68f7f09be
352baa818da109925437a8433057ddc6f91ec48efe88bc5741b2f9e34450fdce
3f3e180e10fc468e614dc35d49ef7f7d8359f8c9901b4025fe17b2e03892ab38
416a3b2c3bf16d64f6b5b6d0f7b079df2267614dd6847fc2f3271b4409233c37
4c35ce2490955c47d38d6d6938380b8df6dfcc737340569e1946547575e2b112
57b6029f2568d11e3c7600f30e0309ae998a9e9939b1e4d5b56ce84b782054ab
5bb48abaafbc721f2e765deabf2bdd43659079d8dad1853aaefa212265fe83fa
6744a2726319c32bba421c71be01f818dcd09a2b13cb6520d2fdb8cf434d23d3
6e21162bc64073fe9e3d3d6375ca24d04fed1912a5b7716aac0cb0f2d16fae7c
706aad4ccfa4f04be2b24b09d832c00391612ae50fd44ee76e819b70c9f4d973
789e281069ac335fc56448c1afbd48486e81d2034cb28337f082e016d69261c6
7d1c425ab87390fa62f0b924e95453ba0c95e4a40a724eca66a1bca47178680b
7e9064f9ab583f3f677d29a623a571ed1eb28e871c17cce6a3772ceff71905cb
905b6bc56ec1c7edbc015eb6f4649e68c14bfef0eb61774bc8d3f550c1ff7e25
9b1d0d74215b647aa49e8c25740777357376247016351b0d928c8f5ee52935ee
9f0bed584cf3e3770545a02bc8174e2dd9acd26e48aede5966788fd81a427388
cc933147666fff38f99511731cc9d54578e387d41d82fedbc6e11635435cffad
d72a336256ce93fba54f11ef39f1a5939953f97529efece6cc8218707514ba99
e583ca603117253a6d29f22c361e59525f9e08d5cace74730fd7c468794d211b
e9f21dccc13ca0678430dd66bb38410b00cacfec4fe4de8cdafc0f688906ca2f
fd7d935b2e3b5498bb28e02eedab29aeb8bfa537f988aceb123b36858a6410e7

lyfyhzs.com Open in urlscan Pro 45.192.178.182 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

23 Requests

100 %HTTPS

0 %IPv6

3 Domains

3 Subdomains

3 IPs

2 Countries

248 kBTransfer

682 kBSize

1 Cookies

0 Outgoing links

Page URL History

Redirected requests

23 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

22 JavaScript Global Variables

1 Cookies

2 Console Messages

Indicators

lyfyhzs.com Open in urlscan Pro
45.192.178.182 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

23
Requests

100 %
HTTPS

0 %
IPv6

3
Domains

3
Subdomains

3
IPs

2
Countries

248 kB
Transfer

682 kB
Size

1
Cookies

23 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!