www.eki-net.com.e96jro5ns0.com Open in urlscan Pro
194.87.239.205 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.eki-net.com.e96jro5ns0.com/
Effective URL:
https://www.eki-net.com.e96jro5ns0.com/Personal/member/wb/Login/Login/login.php?ref=challenge_udm_context?user_open.id_auth_page=d7e882...
Submission: On October 25 via manual (October 25th 2022, 3:25:35 am UTC) from JP — Scanned from JP

Summary HTTP 15 Redirects Links 25 Behaviour Indicators

Summary

This website contacted 1 IPs in 1 countries across 1 domains to perform 15 HTTP transactions. The main IP is 194.87.239.205, located in Russian Federation and belongs to MTW-AS, RU. The main domain is www.eki-net.com.e96jro5ns0.com.
TLS certificate: Issued by R3 on October 23rd 2022. Valid for: 3 months.

This is the only time www.eki-net.com.e96jro5ns0.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: JR East (Transportation)

Domain & IP information

	IP Address		AS Autonomous System
2 17	194.87.239.205 194.87.239.205		48347 (MTW-AS) (MTW-AS)
15	1

17 194.87.239.205 (Russian Federation) 2 redirects

ASN48347 (MTW-AS, RU)
PTR: kszc.aceilitrog.com

www.eki-net.com.e96jro5ns0.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
17	e96jro5ns0.com 2 redirects www.eki-net.com.e96jro5ns0.com	1 MB
15	1

	Domain	Requested by
17	www.eki-net.com.e96jro5ns0.com	2 redirects www.eki-net.com.e96jro5ns0.com
15	1

This site contains links to these domains. Also see Links.

Domain
www.eki-net.com
secure.okbiz.okwave.jp
www.jreast.co.jp
my.jreast.co.jp

Subject Issuer	Validity	Valid
www.eki-net.com.e96jro5ns0.com R3	`2022-10-23` - `2023-01-21`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://www.eki-net.com.e96jro5ns0.com/Personal/member/wb/Login/Login/login.php?ref=challenge_udm_context?user_open.id_auth_page=d7e882974f04e14c9d10b2924bec3504dee4ac52
Frame ID: 8D8DEB6CFE68F5C6A06EF6AE1C6EB843
Requests: 14 HTTP requests in this frame

Frame: https://www.eki-net.com.e96jro5ns0.com/Personal/member/wb/Login/Login/index_1.html
Frame ID: E2BAED55F4C1ACD8CCFCA3A580269371
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

えきねっと（JR東日本）｜ログイン

Page URL History Show full URLs

http://www.eki-net.com.e96jro5ns0.com/ HTTP 301
https://www.eki-net.com.e96jro5ns0.com/ HTTP 302
https://www.eki-net.com.e96jro5ns0.com/Personal/member/wb/Login/Login/login.php?ref=challenge_udm_context?user_open... Page URL

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

\.php(?:$|\?)

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

Page Statistics

15
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

1270 kB
Transfer

1598 kB
Size

1
Cookies

25 Outgoing links

These are links going to different origins than the main page.

URL: https://www.eki-net.com/Personal/Top/Index

Search URL Search Domain Scan URL

URL: https://www.eki-net.com/Personal/reserve/wb/RouteSearchConditionInput/Index
Title: JRきっぷ申込／空席案内

Search URL Search Domain Scan URL

URL: https://www.eki-net.com/Personal/reserve/wb/JoyfulTrainsTop/Index
Title: のってたのしい列車（観光列車）の申込

Search URL Search Domain Scan URL

URL: https://www.eki-net.com/Personal/reserve/wb/GainTicketSearchConditionsInput/Index
Title: おトクなきっぷの申込

Search URL Search Domain Scan URL

URL: https://www.eki-net.com/top/jrticket/about/
Title: JRきっぷ申込とは

Search URL Search Domain Scan URL

URL: https://www.eki-net.com/top/tokudane/
Title: えきねっとトクだ値

Search URL Search Domain Scan URL

URL: https://www.eki-net.com/top/e-ticket/
Title: 新幹線eチケットサービス

Search URL Search Domain Scan URL

URL: https://www.eki-net.com/top/ticketless/
Title: えきねっとチケットレスサービス

Search URL Search Domain Scan URL

URL: https://www.eki-net.com/top/jrticket/guide/
Title: JRきっぷ申込ご利用ガイド

Search URL Search Domain Scan URL

URL: https://www.eki-net.com/travel/
Title: JRツアー

Search URL Search Domain Scan URL

URL: https://www.eki-net.com/top/rentcar/
Title: 駅レンタカー

Search URL Search Domain Scan URL

URL: https://www.eki-net.com/top/howto/
Title: 便利な使い方

Search URL Search Domain Scan URL

URL: https://www.eki-net.com/top/point/
Title: ポイント

Search URL Search Domain Scan URL

URL: https://www.eki-net.com/top/info/
Title: お問い合わせ

Search URL Search Domain Scan URL

URL: https://secure.okbiz.okwave.jp/eki-net/?site_domain=default
Title: よくある質問

Search URL Search Domain Scan URL

URL: https://www.jreast.co.jp/

Search URL Search Domain Scan URL

URL: https://www.eki-net.com/Personal/member/wb/ID/IDReminderApply
Title: えきねっとユーザーIDを忘れた

Search URL Search Domain Scan URL

URL: https://www.eki-net.com/Personal/member/wb/PW/PasswordRegistApply
Title: パスワードを忘れた

Search URL Search Domain Scan URL

URL: https://my.jreast.co.jp/web/ir/RenewPasswordRequestForm.aspx
Title: My JR-EASTのID・パスワードをお忘れの場合（My JR-EASTサイトへ）

Search URL Search Domain Scan URL

URL: https://www.eki-net.com/top/mail_magazine/
Title: メールマガジンのご案内

Search URL Search Domain Scan URL

URL: https://www.eki-net.com/top/service_time/
Title: サービス提供時間

Search URL Search Domain Scan URL

URL: https://www.eki-net.com/top/use/
Title: ご利用にあたって

Search URL Search Domain Scan URL

URL: https://www.eki-net.com/top/kiyaku/
Title: えきねっと利用に関する規約

Search URL Search Domain Scan URL

URL: https://www.eki-net.com/top/privacy/
Title: 個人情報の取扱いに関する基本方針

Search URL Search Domain Scan URL

URL: https://www.eki-net.com/top/sitemap/
Title: サイトマップ

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.eki-net.com.e96jro5ns0.com/ HTTP 301
https://www.eki-net.com.e96jro5ns0.com/ HTTP 302
https://www.eki-net.com.e96jro5ns0.com/Personal/member/wb/Login/Login/login.php?ref=challenge_udm_context?user_open.id_auth_page=d7e882974f04e14c9d10b2924bec3504dee4ac52 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

15 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request login.php Show response
www.eki-net.com.e96jro5ns0.com/Personal/member/wb/Login/Login/
Redirect Chain

http://www.eki-net.com.e96jro5ns0.com/
https://www.eki-net.com.e96jro5ns0.com/
https://www.eki-net.com.e96jro5ns0.com/Personal/member/wb/Login/Login/login.php?ref=challenge_udm_context?user_open.id_auth_page=d7e882974f04e14c9d10b2924bec3504dee4ac52

23 KB
5 KB

713ms
713ms

Document
text/html

194.87.239.205
MTW-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.eki-net.com.e96jro5ns0.com/Personal/member/wb/Login/Login/login.php?ref=challenge_udm_context?user_open.id_auth_page=d7e882974f04e14c9d10b2924bec3504dee4ac52

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

194.87.239.205 , Russian Federation, ASN48347 (MTW-AS, RU),

Reverse DNS

kszc.aceilitrog.com

Software

nginx /

Resource Hash

60f049360153fe52f7abe01c4ee94700769face8e8ce3ee25cf71fbfbf066fba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

cache-control: no-store, no-cache, must-revalidate
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Tue, 25 Oct 2022 03:25:28 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
pragma: no-cache
server: nginx
strict-transport-security: max-age=31536000
vary: Accept-Encoding

Redirect headers

access-control-allow-credentials: true
access-control-allow-methods: *
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate
content-type: text/html;charset=utf-8
date: Tue, 25 Oct 2022 03:25:28 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
location: ../Personal/member/wb/Login/Login/login.php?ref=challenge_udm_context?user_open.id_auth_page=d7e882974f04e14c9d10b2924bec3504dee4ac52
pragma: no-cache
server: nginx
strict-transport-security: max-age=31536000

GET
H2 200 common.css
www.eki-net.com.e96jro5ns0.com/static/css/ 120 KB
18 KB 389ms
385ms Stylesheet
text/css 194.87.239.205
MTW-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.eki-net.com.e96jro5ns0.com/static/css/common.css

Requested by

Host: www.eki-net.com.e96jro5ns0.com
URL: https://www.eki-net.com.e96jro5ns0.com/Personal/member/wb/Login/Login/login.php?ref=challenge_udm_context?user_open.id_auth_page=d7e882974f04e14c9d10b2924bec3504dee4ac52

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

194.87.239.205 , Russian Federation, ASN48347 (MTW-AS, RU),

Reverse DNS

kszc.aceilitrog.com

Software

nginx /

Resource Hash

c3c06cab11490cda8fa71c1fb7b633367a8065180a6fab532500f647bf248e29

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.eki-net.com.e96jro5ns0.com/Personal/member/wb/Login/Login/login.php?ref=challenge_udm_context?user_open.id_auth_page=d7e882974f04e14c9d10b2924bec3504dee4ac52
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 03:25:29 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Fri, 31 Dec 2021 08:05:54 GMT
server: nginx
etag: W/"61ceb9e2-1e065"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=43200
expires: Tue, 25 Oct 2022 15:25:29 GMT

GET
H2 200 module.css
www.eki-net.com.e96jro5ns0.com/static/css/ 74 KB
13 KB 390ms
386ms Stylesheet
text/css 194.87.239.205
MTW-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.eki-net.com.e96jro5ns0.com/static/css/module.css

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

194.87.239.205 , Russian Federation, ASN48347 (MTW-AS, RU),

Reverse DNS

kszc.aceilitrog.com

Software

nginx /

Resource Hash

f32ac72b33743b0a8fcf63463ab1859bc72d25ebe3c02e8249c10420b8ed2a06

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.eki-net.com.e96jro5ns0.com/Personal/member/wb/Login/Login/login.php?ref=challenge_udm_context?user_open.id_auth_page=d7e882974f04e14c9d10b2924bec3504dee4ac52
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 03:25:29 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Fri, 31 Dec 2021 08:05:54 GMT
server: nginx
etag: W/"61ceb9e2-12779"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=43200
expires: Tue, 25 Oct 2022 15:25:29 GMT

GET
H2 200 member.css
www.eki-net.com.e96jro5ns0.com/static/css/ 20 KB
4 KB 391ms
388ms Stylesheet
text/css 194.87.239.205
MTW-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.eki-net.com.e96jro5ns0.com/static/css/member.css

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

194.87.239.205 , Russian Federation, ASN48347 (MTW-AS, RU),

Reverse DNS

kszc.aceilitrog.com

Software

nginx /

Resource Hash

8e4d01ee0450f9f5e21ea7178dd0aad676fcebf6808a1a550fddc686fba02542

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.eki-net.com.e96jro5ns0.com/Personal/member/wb/Login/Login/login.php?ref=challenge_udm_context?user_open.id_auth_page=d7e882974f04e14c9d10b2924bec3504dee4ac52
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 03:25:29 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Fri, 31 Dec 2021 08:05:54 GMT
server: nginx
etag: W/"61ceb9e2-4fe7"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=43200
expires: Tue, 25 Oct 2022 15:25:29 GMT

GET
H2 200 style.css
www.eki-net.com.e96jro5ns0.com/static/css/ 39 KB
8 KB 577ms
574ms Stylesheet
text/css 194.87.239.205
MTW-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.eki-net.com.e96jro5ns0.com/static/css/style.css

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

194.87.239.205 , Russian Federation, ASN48347 (MTW-AS, RU),

Reverse DNS

kszc.aceilitrog.com

Software

nginx /

Resource Hash

c6c23411a9fa7eb2bc546e6269c8243b2efc179dbe9dcedafc141d03057375ec

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.eki-net.com.e96jro5ns0.com/Personal/member/wb/Login/Login/login.php?ref=challenge_udm_context?user_open.id_auth_page=d7e882974f04e14c9d10b2924bec3504dee4ac52
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 03:25:29 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Fri, 31 Dec 2021 08:05:56 GMT
server: nginx
etag: W/"61ceb9e4-9a27"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=43200
expires: Tue, 25 Oct 2022 15:25:29 GMT

GET
H2 200 top_searchparts.css
www.eki-net.com.e96jro5ns0.com/static/css/ 119 KB
16 KB 578ms
576ms Stylesheet
text/css 194.87.239.205
MTW-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.eki-net.com.e96jro5ns0.com/static/css/top_searchparts.css

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

194.87.239.205 , Russian Federation, ASN48347 (MTW-AS, RU),

Reverse DNS

kszc.aceilitrog.com

Software

nginx /

Resource Hash

6b6805e990d1063ebbf30e49162bf04f8ec247ffa96e1872e4b0d8d3f7e3a02f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.eki-net.com.e96jro5ns0.com/Personal/member/wb/Login/Login/login.php?ref=challenge_udm_context?user_open.id_auth_page=d7e882974f04e14c9d10b2924bec3504dee4ac52
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 03:25:29 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Fri, 31 Dec 2021 08:05:56 GMT
server: nginx
etag: W/"61ceb9e4-1db4d"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=43200
expires: Tue, 25 Oct 2022 15:25:29 GMT

GET
H2 200 load_font.css
www.eki-net.com.e96jro5ns0.com/static/css/ 786 B
989 B 578ms
576ms Stylesheet
text/css 194.87.239.205
MTW-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.eki-net.com.e96jro5ns0.com/static/css/load_font.css

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

194.87.239.205 , Russian Federation, ASN48347 (MTW-AS, RU),

Reverse DNS

kszc.aceilitrog.com

Software

nginx /

Resource Hash

bdd84e5ef5aa059a934dc05de1d463e3d1d875727859f301a940426c16e805d8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.eki-net.com.e96jro5ns0.com/Personal/member/wb/Login/Login/login.php?ref=challenge_udm_context?user_open.id_auth_page=d7e882974f04e14c9d10b2924bec3504dee4ac52
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 03:25:29 GMT
strict-transport-security: max-age=31536000
last-modified: Fri, 31 Dec 2021 08:05:56 GMT
server: nginx
etag: "61ceb9e4-312"
content-type: text/css
cache-control: max-age=43200
accept-ranges: bytes
content-length: 786
expires: Tue, 25 Oct 2022 15:25:29 GMT

GET
H2 200 logo_ekinet.png
www.eki-net.com.e96jro5ns0.com/static/images/ 7 KB
8 KB 548ms
546ms Image
image/png 194.87.239.205
MTW-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.eki-net.com.e96jro5ns0.com/static/images/logo_ekinet.png

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

194.87.239.205 , Russian Federation, ASN48347 (MTW-AS, RU),

Reverse DNS

kszc.aceilitrog.com

Software

nginx /

Resource Hash

3f7c549cfacde11c4129c09b1908d106126d823682cc758f70fc046638d7746b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.eki-net.com.e96jro5ns0.com/Personal/member/wb/Login/Login/login.php?ref=challenge_udm_context?user_open.id_auth_page=d7e882974f04e14c9d10b2924bec3504dee4ac52
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 03:25:29 GMT
strict-transport-security: max-age=31536000
last-modified: Fri, 31 Dec 2021 07:45:10 GMT
server: nginx
etag: "61ceb506-1d38"
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 7480
expires: Thu, 24 Nov 2022 03:25:29 GMT

GET
H2 200 logo_jreast.png
www.eki-net.com.e96jro5ns0.com/static/images/ 3 KB
3 KB 548ms
547ms Image
image/png 194.87.239.205
MTW-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.eki-net.com.e96jro5ns0.com/static/images/logo_jreast.png

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

194.87.239.205 , Russian Federation, ASN48347 (MTW-AS, RU),

Reverse DNS

kszc.aceilitrog.com

Software

nginx /

Resource Hash

ba4924716ed0580ae30f974eebb97421a2c10c1e2cf61e8ad60fcd39d8fbca30

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.eki-net.com.e96jro5ns0.com/Personal/member/wb/Login/Login/login.php?ref=challenge_udm_context?user_open.id_auth_page=d7e882974f04e14c9d10b2924bec3504dee4ac52
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 03:25:29 GMT
strict-transport-security: max-age=31536000
last-modified: Fri, 31 Dec 2021 07:45:10 GMT
server: nginx
etag: "61ceb506-b5d"
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 2909
expires: Thu, 24 Nov 2022 03:25:29 GMT

GET
H2 200 icon_input_ok.png
www.eki-net.com.e96jro5ns0.com/static/images/ 3 KB
3 KB 548ms
547ms Image
image/png 194.87.239.205
MTW-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.eki-net.com.e96jro5ns0.com/static/images/icon_input_ok.png

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

194.87.239.205 , Russian Federation, ASN48347 (MTW-AS, RU),

Reverse DNS

kszc.aceilitrog.com

Software

nginx /

Resource Hash

d4d96a513c50320d375f5cb8c1c4f52d6ba868b6ffafec5f451deb8dc9ef05f4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.eki-net.com.e96jro5ns0.com/Personal/member/wb/Login/Login/login.php?ref=challenge_udm_context?user_open.id_auth_page=d7e882974f04e14c9d10b2924bec3504dee4ac52
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 03:25:29 GMT
strict-transport-security: max-age=31536000
last-modified: Fri, 31 Dec 2021 07:45:10 GMT
server: nginx
etag: "61ceb506-c9d"
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 3229
expires: Thu, 24 Nov 2022 03:25:29 GMT

GET
H2 200 icon_linkblank.png
www.eki-net.com.e96jro5ns0.com/static/images/ 166 B
371 B 548ms
547ms Image
image/png 194.87.239.205
MTW-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.eki-net.com.e96jro5ns0.com/static/images/icon_linkblank.png

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

194.87.239.205 , Russian Federation, ASN48347 (MTW-AS, RU),

Reverse DNS

kszc.aceilitrog.com

Software

nginx /

Resource Hash

e918e110b6e7e8c5ada678baab1d10bcf4f24d149943804b0b31363ccd976b7a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.eki-net.com.e96jro5ns0.com/Personal/member/wb/Login/Login/login.php?ref=challenge_udm_context?user_open.id_auth_page=d7e882974f04e14c9d10b2924bec3504dee4ac52
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 03:25:29 GMT
strict-transport-security: max-age=31536000
last-modified: Fri, 31 Dec 2021 07:45:10 GMT
server: nginx
etag: "61ceb506-a6"
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 166
expires: Thu, 24 Nov 2022 03:25:29 GMT

GET
H2 200 icon_linkblank-1.png
www.eki-net.com.e96jro5ns0.com/static/images/ 166 B
371 B 548ms
547ms Image
image/png 194.87.239.205
MTW-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.eki-net.com.e96jro5ns0.com/static/images/icon_linkblank-1.png

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

194.87.239.205 , Russian Federation, ASN48347 (MTW-AS, RU),

Reverse DNS

kszc.aceilitrog.com

Software

nginx /

Resource Hash

e918e110b6e7e8c5ada678baab1d10bcf4f24d149943804b0b31363ccd976b7a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.eki-net.com.e96jro5ns0.com/Personal/member/wb/Login/Login/login.php?ref=challenge_udm_context?user_open.id_auth_page=d7e882974f04e14c9d10b2924bec3504dee4ac52
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 03:25:29 GMT
strict-transport-security: max-age=31536000
last-modified: Fri, 31 Dec 2021 07:45:12 GMT
server: nginx
etag: "61ceb508-a6"
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 166
expires: Thu, 24 Nov 2022 03:25:29 GMT

GET
H2 404 index_1.html Show response
www.eki-net.com.e96jro5ns0.com/Personal/member/wb/Login/Login/ Frame E2BA 548 B
611 B 545ms
545ms Document
text/html 194.87.239.205
MTW-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.eki-net.com.e96jro5ns0.com/Personal/member/wb/Login/Login/index_1.html
Requested by: Host: www.eki-net.com.e96jro5ns0.com
URL: https://www.eki-net.com.e96jro5ns0.com/Personal/member/wb/Login/Login/login.php?ref=challenge_udm_context?user_open.id_auth_page=d7e882974f04e14c9d10b2924bec3504dee4ac52
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 194.87.239.205 , Russian Federation, ASN48347 (MTW-AS, RU),
Reverse DNS: kszc.aceilitrog.com
Software: nginx /
Resource Hash: d465172175d35d493fb1633e237700022bd849fa123164790b168b8318acb090

Request headers

Referer: https://www.eki-net.com.e96jro5ns0.com/Personal/member/wb/Login/Login/login.php?ref=challenge_udm_context?user_open.id_auth_page=d7e882974f04e14c9d10b2924bec3504dee4ac52
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

content-length: 548
content-type: text/html
date: Tue, 25 Oct 2022 03:25:29 GMT
server: nginx

GET
H2 200 notosanscjkjp-regular_subset.woff
www.eki-net.com.e96jro5ns0.com/static/fonts/ 1 MB
1 MB 193ms
191ms Font
font/woff 194.87.239.205
MTW-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.eki-net.com.e96jro5ns0.com/static/fonts/notosanscjkjp-regular_subset.woff

Requested by

Host: www.eki-net.com.e96jro5ns0.com
URL: https://www.eki-net.com.e96jro5ns0.com/static/css/load_font.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

194.87.239.205 , Russian Federation, ASN48347 (MTW-AS, RU),

Reverse DNS

kszc.aceilitrog.com

Software

nginx /

Resource Hash

434379a92cc3af5ca03ccb2bfaadc7f2b8224b1b49f310ec5f4d27ca36777520

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.eki-net.com.e96jro5ns0.com/static/css/load_font.css
Origin: https://www.eki-net.com.e96jro5ns0.com
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 03:25:29 GMT
strict-transport-security: max-age=31536000
last-modified: Fri, 31 Dec 2021 07:45:10 GMT
server: nginx
etag: "61ceb506-128eb4"
content-type: font/woff
accept-ranges: bytes
content-length: 1216180

GET
H2 200 notosanscjkjp-bold_subset.woff
www.eki-net.com.e96jro5ns0.com/static/fonts/ 548 B
700 B 385ms
383ms Font
font/woff 194.87.239.205
MTW-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.eki-net.com.e96jro5ns0.com/static/fonts/notosanscjkjp-bold_subset.woff

Requested by

Host: www.eki-net.com.e96jro5ns0.com
URL: https://www.eki-net.com.e96jro5ns0.com/static/css/load_font.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

194.87.239.205 , Russian Federation, ASN48347 (MTW-AS, RU),

Reverse DNS

kszc.aceilitrog.com

Software

nginx /

Resource Hash

d465172175d35d493fb1633e237700022bd849fa123164790b168b8318acb090

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.eki-net.com.e96jro5ns0.com/static/css/load_font.css
Origin: https://www.eki-net.com.e96jro5ns0.com
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 03:25:29 GMT
strict-transport-security: max-age=31536000
last-modified: Fri, 31 Dec 2021 07:45:12 GMT
server: nginx
etag: "61ceb508-224"
content-type: font/woff
accept-ranges: bytes
content-length: 548

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: JR East (Transportation)

10 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			www.eki-net.com.e96jro5ns0.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: vtcpti096gn2jnhji9kq18fvp0

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://www.eki-net.com.e96jro5ns0.com/Personal/member/wb/Login/Login/index_1.html Message: Failed to load resource: the server responded with a status of 404 ()
other	warning	URL: https://www.eki-net.com.e96jro5ns0.com/Personal/member/wb/Login/Login/login.php?ref=challenge_udm_context?user_open.id_auth_page=d7e882974f04e14c9d10b2924bec3504dee4ac52 Message: Failed to decode downloaded font: https://www.eki-net.com.e96jro5ns0.com/static/fonts/notosanscjkjp-bold_subset.woff
other	warning	URL: https://www.eki-net.com.e96jro5ns0.com/Personal/member/wb/Login/Login/login.php?ref=challenge_udm_context?user_open.id_auth_page=d7e882974f04e14c9d10b2924bec3504dee4ac52 Message: OTS parsing error: invalid sfntVersion: 1013478509

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

www.eki-net.com.e96jro5ns0.com
194.87.239.205
3f7c549cfacde11c4129c09b1908d106126d823682cc758f70fc046638d7746b
434379a92cc3af5ca03ccb2bfaadc7f2b8224b1b49f310ec5f4d27ca36777520
60f049360153fe52f7abe01c4ee94700769face8e8ce3ee25cf71fbfbf066fba
6b6805e990d1063ebbf30e49162bf04f8ec247ffa96e1872e4b0d8d3f7e3a02f
8e4d01ee0450f9f5e21ea7178dd0aad676fcebf6808a1a550fddc686fba02542
ba4924716ed0580ae30f974eebb97421a2c10c1e2cf61e8ad60fcd39d8fbca30
bdd84e5ef5aa059a934dc05de1d463e3d1d875727859f301a940426c16e805d8
c3c06cab11490cda8fa71c1fb7b633367a8065180a6fab532500f647bf248e29
c6c23411a9fa7eb2bc546e6269c8243b2efc179dbe9dcedafc141d03057375ec
d465172175d35d493fb1633e237700022bd849fa123164790b168b8318acb090
d4d96a513c50320d375f5cb8c1c4f52d6ba868b6ffafec5f451deb8dc9ef05f4
e918e110b6e7e8c5ada678baab1d10bcf4f24d149943804b0b31363ccd976b7a
f32ac72b33743b0a8fcf63463ab1859bc72d25ebe3c02e8249c10420b8ed2a06

www.eki-net.com.e96jro5ns0.com Open in urlscan Pro 194.87.239.205 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

15 Requests

100 %HTTPS

0 %IPv6

1 Domains

1 Subdomains

1 IPs

1 Countries

1270 kBTransfer

1598 kBSize

1 Cookies

25 Outgoing links

Page URL History

Redirected requests

15 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

10 JavaScript Global Variables

1 Cookies

3 Console Messages

Security Headers

Indicators

www.eki-net.com.e96jro5ns0.com Open in urlscan Pro
194.87.239.205 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

15
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

1270 kB
Transfer

1598 kB
Size

1
Cookies

15 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!