user.dousahaeahao.site Open in urlscan Pro
179.43.142.114 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://user.dousahaeahao.site/
Effective URL:
https://user.dousahaeahao.site/viewpc/login.php
Submission: On December 07 via automatic, source certstream-suspicious (December 7th 2022, 10:17:45 am UTC) — Scanned from DE

Summary HTTP 48 Redirects Links 47 Behaviour Indicators

Summary

This website contacted 5 IPs in 4 countries across 4 domains to perform 48 HTTP transactions. The main IP is 179.43.142.114, located in Panama and belongs to PLI-AS, PA. The main domain is user.dousahaeahao.site.
TLS certificate: Issued by R3 on December 7th 2022. Valid for: 3 months.

This is the only time user.dousahaeahao.site was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Micard (Financial)

Domain & IP information

	IP Address	AS Autonomous System
1 46	179.43.142.114 179.43.142.114	51852 (PLI-AS) (PLI-AS)
1	2600:9000:249... 2600:9000:2490:dc00:8:dcbf:c740:93a1	16509 (AMAZON-02) (AMAZON-02)
1	23.36.162.80 23.36.162.80	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	54.65.24.54 54.65.24.54	16509 (AMAZON-02) (AMAZON-02)
48	5

46 179.43.142.114 (Panama) 1 redirects

ASN51852 (PLI-AS, PA)
PTR: hostedby.privatealps.net

user.dousahaeahao.site	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2490:dc00:8:dcbf:c740:93a1 (United States)

ASN16509 (AMAZON-02, US)

s.yjtag.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.36.162.80 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-36-162-80.deploy.static.akamaitechnologies.com

www2.micard.co.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.65.24.54 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-65-24-54.ap-northeast-1.compute.amazonaws.com

yjtag.yahoo.co.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
46	dousahaeahao.site 1 redirects user.dousahaeahao.site	1 MB
1	yahoo.co.jp yjtag.yahoo.co.jp — Cisco Umbrella Rank: 23314	240 B
1	micard.co.jp www2.micard.co.jp	7 KB
1	yjtag.jp s.yjtag.jp — Cisco Umbrella Rank: 38923	13 KB
48	4

	Domain	Requested by
46	user.dousahaeahao.site	1 redirects user.dousahaeahao.site
1	yjtag.yahoo.co.jp	s.yjtag.jp
1	www2.micard.co.jp	user.dousahaeahao.site
1	s.yjtag.jp	user.dousahaeahao.site
48	4

This site contains links to these domains. Also see Links.

Domain
www2.micard.co.jp
insurance.micard.co.jp
www.imhds.co.jp
privacymark.jp

Subject Issuer	Validity	Valid
user.dousahaeahao.site R3	`2022-12-07` - `2023-03-07`	3 months	crt.sh
*.tgm.yahoo-net.jp Cybertrust Japan SureServer CA G4	`2022-03-07` - `2023-04-06`	a year	crt.sh
www.micard.co.jp Cybertrust Japan SureServer EV CA G3	`2022-11-04` - `2023-12-01`	a year	crt.sh
yjtag.yahoo.co.jp Cybertrust Japan SureServer CA G4	`2022-02-02` - `2023-03-01`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://user.dousahaeahao.site/viewpc/login.php
Frame ID: 1AD60F27A449F998E1710A846151B99C
Requests: 49 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

マイページにログイン

Page URL History Show full URLs

https://user.dousahaeahao.site/ HTTP 302
https://user.dousahaeahao.site/viewpc/login.php Page URL