p-r.top
45.134.145.196
Malicious Activity!
Public Scan
Submission: On November 02 via manual from JP
Summary
TLS certificate: Issued by TrustAsia TLS RSA CA on November 1st 2019. Valid for: a year.
This is the only time p-r.top was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Yamato Transport (Transportation)

Domain & IP information

Requests | IP Address | AS Autonomous System |
---|---|---|
16 | 45.134.145.196 | 40676 (AS40676 - Psychz Networks) |
20 | 2 | |

Requests | Domain | Requested by |
---|---|---|
16 | p-r.top | p-r.top |
20 | 1 | |
This site contains no links.
Subject | Issuer | Validity | Valid | |
---|---|---|---|---|
p-r.top | TrustAsia TLS RSA CA | 2019-11-01 - 2020-10-31 | a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://p-r.top/yamato/login.php
Frame ID: BD32BB911BFE8A2675D2E04220F96087
Requests: 20 HTTP requests in this frame
Screenshot
Detected technologies
PHP (Programming Languages)
Detected patterns
- url /\.php(?:$|\?)/i
Nginx (Web Servers)
Detected patterns
- headers server /nginx(?:\/([\d.]+))?/i
jQuery (JavaScript Libraries)
Detected patterns
- script /jquery[.-]([\d.]*\d)[^\/]*\.js/i
- script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
20 HTTP transactions

Method | Protocol | Resource Path | Size | x-fer | Type | MIME-Type |
---|---|---|---|---|---|---|
GET | H2 | p-r.top/yamato/login.php (Primary Request) | 12 KB | 4 KB | Document | text/html |
GET | H2 | p-r.top/yamato/assets/css/market.css | 81 B | 251 B | Stylesheet | text/css |
GET | H2 | p-r.top/yamato/assets/js/jquery-2.0.3.min.js | 82 KB | 32 KB | Script | application/javascript |
GET | H2 | p-r.top/yamato/assets/js/login.js | 127 KB | 30 KB | Script | application/javascript |
GET | H2 | p-r.top/yamato/js/satelliteLib-a4445fd2af2e0c5b2734ffc8d58e4dcd9efa59a8.js | 0 | 0 | Script | text/html |
GET | H2 | p-r.top/yamato/common/js/shared/common.js | 16 KB | 5 KB | Script | application/javascript |
GET | H2 | p-r.top/yamato/common/js/shared/chk_submit.js | 0 | 0 | Script | text/html |
GET | H2 | p-r.top/yamato/common/js/shared/nya24def.js | 0 | 0 | Script | text/html |
GET | H2 | p-r.top/yamato/assets/img/img/img_site-logo_02.png | 9 KB | 10 KB | Image | image/png |
GET | H2 | p-r.top/yamato/assets/css/base.css | 51 KB | 8 KB | Stylesheet | text/css |
GET | H2 | p-r.top/yamato/assets/css/structure.css | 93 KB | 13 KB | Stylesheet | text/css |
GET | H2 | p-r.top/yamato/assets/css/components-market.css | 283 KB | 44 KB | Stylesheet | text/css |
GET | H2 | p-r.top/yamato/js/satelliteLib-a4445fd2af2e0c5b2734ffc8d58e4dcd9efa59a8.js | 0 | 0 | Script | text/html |
GET | H2 | p-r.top/yamato/common/js/shared/chk_submit.js | 0 | 0 | Script | text/html |
GET | H2 | p-r.top/yamato/common/js/shared/nya24def.js | 0 | 0 | Script | text/html |
GET | H2 | p-r.top/yamato/assets/fonts/NotoSansCJKjp-Regular.woff | 160 KB | 0 | Font | font/woff |
GET | | p-r.top/yamato/assets/fonts/iconfont92d6.ttf | 0 | 0 | | |
GET | | p-r.top/yamato/assets/img/bg/bg_hdg-level2-01_01.png | 0 | 0 | | |
GET | | p-r.top/yamato/assets/img/icon/icon_pagetop_01.png | 0 | 0 | | |
GET | | p-r.top/yamato/assets/fonts/iconfont92d6.woff | 0 | 0 | | |
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- p-r.top: https://p-r.top/yamato/assets/fonts/iconfont92d6.ttf?ssh4fq
- p-r.top: https://p-r.top/yamato/assets/img/bg/bg_hdg-level2-01_01.png
- p-r.top: https://p-r.top/yamato/assets/img/icon/icon_pagetop_01.png
- p-r.top: https://p-r.top/yamato/assets/fonts/iconfont92d6.woff?ssh4fq
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Yamato Transport (Transportation)

34 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

Variable | Type |
---|---|
onformdata | object |
onpointerrawupdate | object |
$ | function |
jQuery | function |
UaObj | function |
modalWindow | function |
EventEmitter | function |
eventie | object |
imagesLoaded | function |
userAgent | string |
appVersion | string |
ua | object |
num | number |
heightFlag | boolean |
observe | function |
deleteObserve | function |
Btn | function |
_Btn | object |
dispH470 | function |
dispW1000 | function |
preload | function |
TextInput | function |
saveCookie | function |
loadCookie | function |
changeFont | function |
setCookieFont | function |
getCookieFont | function |
setFontInit | function |
opinionState | boolean |
clickOpinion | function |
adsearch_win | object |
openAdsearchDialog | function |
closeAdsearchDialog | function |
toVaild1 | function |

Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
p-r.top/ | | Name: PHPSESSID Value: 3tg7mnqpcl0fkfi5ukkid5lu82 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
p-r.top
45.134.145.196