saison-cavyuar.com Open in urlscan Pro
160.251.121.206 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://saison-cavyuar.com/WebPc/login.html
Submission Tags: tweet @noladefense #phishing #infosec #cybersecurity #フィッシング詐欺 #saison Search All
Submission: On March 30 via api (March 30th 2023, 3:48:45 am UTC) from FI — Scanned from JP

Summary HTTP 30 Redirects Links 9 Behaviour Indicators

Summary

This website contacted 8 IPs in 3 countries across 7 domains to perform 30 HTTP transactions. The main IP is 160.251.121.206, located in Japan and belongs to INTERQ GMO Internet,Inc, JP. The main domain is saison-cavyuar.com.
TLS certificate: Issued by R3 on March 29th 2023. Valid for: 3 months.

This is the only time saison-cavyuar.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Saison Card (Financial)

Domain & IP information

	IP Address	AS Autonomous System
2 21	160.251.121.206 160.251.121.206	7506 (INTERQ GM...) (INTERQ GMO Internet)
4	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2404:6800:400... 2404:6800:4004:820::200e	15169 (GOOGLE) (GOOGLE)
1	2600:140b:1a0... 2600:140b:1a00:14::17dc:5487	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2404:6800:400... 2404:6800:4004:820::2008	15169 (GOOGLE) (GOOGLE)
2	45.60.48.171 45.60.48.171	19551 (INCAPSULA) (INCAPSULA)
1	52.193.187.33 52.193.187.33	16509 (AMAZON-02) (AMAZON-02)
1	2600:140b:1a0... 2600:140b:1a00:14::17dc:5494	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
30	8

21 160.251.121.206 (Japan) 2 redirects

ASN7506 (INTERQ GMO Internet,Inc, JP)
PTR: v160-251-121-206.myvps.jp

saison-cavyuar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4004:820::200e (Australia)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:140b:1a00:14::17dc:5487 (Tokyo, Japan)

ASN20940 (AKAMAI-ASN1, NL)

use.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4004:820::2008 (Australia)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 45.60.48.171 (United States)

ASN19551 (INCAPSULA, US)

www.saisoncard.co.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.193.187.33 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-193-187-33.ap-northeast-1.compute.amazonaws.com

spd-csna.securebrain.co.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:140b:1a00:14::17dc:5494 (Tokyo, Japan)

ASN20940 (AKAMAI-ASN1, NL)

p.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
21	saison-cavyuar.com 2 redirects saison-cavyuar.com	253 KB
4	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 220	51 KB
2	saisoncard.co.jp www.saisoncard.co.jp
2	typekit.net use.typekit.net — Cisco Umbrella Rank: 517 p.typekit.net — Cisco Umbrella Rank: 654	189 KB
1	securebrain.co.jp spd-csna.securebrain.co.jp	270 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 62	51 KB
1	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 35	20 KB
30	7

	Domain	Requested by
21	saison-cavyuar.com	2 redirects cdnjs.cloudflare.com saison-cavyuar.com
4	cdnjs.cloudflare.com	saison-cavyuar.com cdnjs.cloudflare.com
2	www.saisoncard.co.jp	saison-cavyuar.com
1	p.typekit.net	use.typekit.net
1	spd-csna.securebrain.co.jp	saison-cavyuar.com
1	www.googletagmanager.com	saison-cavyuar.com
1	use.typekit.net	saison-cavyuar.com
1	www.google-analytics.com	saison-cavyuar.com
30	8

This site contains links to these domains. Also see Links.

Domain
www.saisoncard.co.jp
faq.saisoncard.co.jp

Subject Issuer	Validity	Valid
saison-cavyuar.com R3	`2023-03-29` - `2023-06-27`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-08-03` - `2023-08-02`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-03-06` - `2023-05-29`	3 months	crt.sh
use.typekit.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-09-14` - `2023-10-15`	a year	crt.sh
*.securebrain.co.jp Amazon RSA 2048 M02	`2023-02-14` - `2024-03-14`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://saison-cavyuar.com/WebPc/login.html
Frame ID: BC35105B23E7F11125ADA0A46E03C66E
Requests: 30 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

SAISON CARD Netアンサー

Detected technologies

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js

Zepto (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

zepto.*\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

30
Requests

93 %
HTTPS

63 %
IPv6

7
Domains

8
Subdomains

8
IPs

3
Countries

833 kB
Transfer

1133 kB
Size

1
Cookies

9 Outgoing links

These are links going to different origins than the main page.

URL: https://www.saisoncard.co.jp/customer-support/netanswer/forget/
Title: ID、パスワードをお忘れの方

Search URL Search Domain Scan URL

URL: https://www.saisoncard.co.jp/customer-support/netanswer/login/
Title: ログインでお困りの方

Search URL Search Domain Scan URL

URL: https://www.saisoncard.co.jp/app/AppStoreRedirect.html?ch=bn_sploginpanel

Search URL Search Domain Scan URL

URL: https://www.saisoncard.co.jp/app/GooglePlayRedirect.html?ch=bn_sploginpanel

Search URL Search Domain Scan URL

URL: https://faq.saisoncard.co.jp/saison/list?site=OA5LHO14&category=75&sort=access
Title: よくあるお問い合わせ

Search URL Search Domain Scan URL

URL: https://www.saisoncard.co.jp/customer-support/maintenance/
Title: メンテナンス情報

Search URL Search Domain Scan URL

URL: https://faq.saisoncard.co.jp/saison/detail?site=OA5LHO14&category=279&id=325
Title: 推奨環境

Search URL Search Domain Scan URL

URL: https://www.saisoncard.co.jp/terms/netanswer-terms/
Title: Netアンサー規約

Search URL Search Domain Scan URL

URL: https://www.saisoncard.co.jp/cookie-policy/
Title: Cookieについて

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 10

https://saison-cavyuar.com/auth/resources/js/client/login.js HTTP 302
https://www.saisoncard.co.jp/

Request Chain 18

https://saison-cavyuar.com/auth/resources/js/client/clientAddclear.js HTTP 302
https://www.saisoncard.co.jp/

30 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request login.html Show response
saison-cavyuar.com/WebPc/ 1 KB
2 KB 19ms
6ms Document
text/html 160.251.121.206
INTERQ GMO Internet

General

Check archive.org

Show headers Download Go to

Full URL: https://saison-cavyuar.com/WebPc/login.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 160.251.121.206 , Japan, ASN7506 (INTERQ GMO Internet,Inc, JP),
Reverse DNS: v160-251-121-206.myvps.jp
Software: nginx/1.22.1 / Express
Resource Hash: 799dca5eb648be5b4e32186032be076689c9b47f6399f16c8fb8df475cf1f45f

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

Accept-Ranges: bytes
Cache-Control: public, max-age=0
Connection: keep-alive
Content-Length: 1350
Content-Type: text/html; charset=UTF-8
Date: Thu, 30 Mar 2023 03:48:14 GMT
ETag: W/"546-1872d787819"
Last-Modified: Wed, 29 Mar 2023 13:04:42 GMT
Server: nginx/1.22.1
X-Powered-By: Express

GET
H2 200 zepto.min.js Show response
cdnjs.cloudflare.com/ajax/libs/zepto/1.2.0/ 26 KB
9 KB 25ms
7ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/zepto/1.2.0/zepto.min.js

Requested by

Host: saison-cavyuar.com
URL: https://saison-cavyuar.com/WebPc/login.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

beb9f5e32ed61fbce010497242a9b6b8219242b5ffc636038e7891510c773725

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://saison-cavyuar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 30 Mar 2023 03:48:14 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 1749536
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 8798
last-modified: Mon, 04 May 2020 16:18:11 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb04043-6712"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0svK4O%2FHR70aBHcKXLSg06b6IxfMhgdwrPcOeJKB0PaMfyzEp1h%2Bxu5Slx5Qf2ZSuHIVsvpUgzjgJgwcX5Q0UJu9pF1kB8bEPwfHXJCUxKPkr1RSe9o9AJHwzdU7S9zSZk4krTe4mWMn%2B7skXf40t2Iv"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7afd60372f02f5b7-NRT
expires: Tue, 19 Mar 2024 03:48:14 GMT

GET
H2 200 base64.min.js Show response
cdnjs.cloudflare.com/ajax/libs/Base64/1.1.0/ 1 KB
889 B 27ms
9ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/Base64/1.1.0/base64.min.js

Requested by

Host: saison-cavyuar.com
URL: https://saison-cavyuar.com/WebPc/login.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2f94d7639ccd0a0e0aea9bc3b2b88ba1f3af4f15e2197ae7edceb731e0d5e62e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://saison-cavyuar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 30 Mar 2023 03:48:14 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 173949
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 549
last-modified: Mon, 04 May 2020 16:03:57 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ced-431"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vHgl%2FuyNpaapV1wyAziDL04NOwg3%2FRbyYyF4YYPgG1w9YlGUDaoWn1i3t%2FtuX1RvsJPn1fydkn9oU4GPzBJffxue3gUTRsMaB5SazfIy5%2Bswxi%2B23RgTSPooNgw1qFM1PRrGVovAgjQ8n6rLVwFHfq5F"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7afd60372f04f5b7-NRT
expires: Tue, 19 Mar 2024 03:48:14 GMT

GET
H/1.1 200
OK login Show response
saison-cavyuar.com/source/WebPc/ 47 KB
47 KB 23ms
23ms XHR
text/html 160.251.121.206
INTERQ GMO Internet

General

Check archive.org

Show headers Download Go to

Full URL: https://saison-cavyuar.com/source/WebPc/login?v=&_=1680148094587
Requested by: Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/zepto/1.2.0/zepto.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 160.251.121.206 , Japan, ASN7506 (INTERQ GMO Internet,Inc, JP),
Reverse DNS: v160-251-121-206.myvps.jp
Software: nginx/1.22.1 / Express
Resource Hash: 08f325fb9f6991fb13a93bd7ac0bdccefa064d9ecdfe266ba0a8d9d8b5be3f05

Request headers

Accept: */*
Referer: https://saison-cavyuar.com/WebPc/login.html
X-Requested-With: XMLHttpRequest
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Thu, 30 Mar 2023 03:48:14 GMT
Server: nginx/1.22.1
Connection: keep-alive
X-Powered-By: Express
Content-Length: 48116
ETag: W/"bbf4-Lsi+FWsHAc9F9MxO5rGVTTwdkKQ"
Content-Type: text/html; charset=utf-8

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 120ms
3ms Script
text/javascript 2404:6800:4004:820::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: saison-cavyuar.com
URL: https://saison-cavyuar.com/WebPc/login.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:820::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://saison-cavyuar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 30 Mar 2023 03:37:58 GMT
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
server: Golfe2
age: 616
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20085
expires: Thu, 30 Mar 2023 05:37:58 GMT

GET
H2 200 dkv4rfm.js Show response
use.typekit.net/ 285 KB
189 KB 120ms
3ms Script
text/javascript 2600:140b:1a00:14::17dc:5487
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://use.typekit.net/dkv4rfm.js

Requested by

Host: saison-cavyuar.com
URL: https://saison-cavyuar.com/WebPc/login.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:140b:1a00:14::17dc:5487 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

24f890ffda2f6a7f5bf5ef14abfea98e263f54c8cf48101dedbcd017b3881f54

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://saison-cavyuar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains;
content-encoding: gzip
date: Thu, 30 Mar 2023 03:48:14 GMT
server: nginx
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=600, stale-while-revalidate=604800
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 192462

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 133 KB
51 KB 162ms
45ms Script
application/javascript 2404:6800:4004:820::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-5M9LCS3

Requested by

Host: saison-cavyuar.com
URL: https://saison-cavyuar.com/WebPc/login.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:820::2008 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ed1eacdff5ca58a0c04653b12bd47cd0b9274d1853ff030eba7e63a91d4e1daf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://saison-cavyuar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 30 Mar 2023 03:48:14 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51530
x-xss-protection: 0
last-modified: Thu, 30 Mar 2023 03:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 30 Mar 2023 03:48:14 GMT

GET
H/1.1 200
OK common.css
saison-cavyuar.com/auth/resources/css/client/ 13 KB
14 KB 9ms
7ms Stylesheet
text/css 160.251.121.206
INTERQ GMO Internet

General

Check archive.org

Show headers Download Go to

Full URL: https://saison-cavyuar.com/auth/resources/css/client/common.css
Requested by: Host: saison-cavyuar.com
URL: https://saison-cavyuar.com/WebPc/login.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 160.251.121.206 , Japan, ASN7506 (INTERQ GMO Internet,Inc, JP),
Reverse DNS: v160-251-121-206.myvps.jp
Software: nginx/1.22.1 / Express
Resource Hash: 6d8b11a372fc3ba84e72c9c6a57701f588262b50a35728ef26e791507b208d9b

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://saison-cavyuar.com/WebPc/login.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Thu, 30 Mar 2023 03:48:14 GMT
Last-Modified: Wed, 29 Mar 2023 13:04:42 GMT
Server: nginx/1.22.1
X-Powered-By: Express
ETag: W/"34ee-1872d787821"
Content-Type: text/css; charset=UTF-8
Cache-Control: public, max-age=0
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 13550

GET
H/1.1 200
OK na.css
saison-cavyuar.com/auth/resources/css/client/ 5 KB
5 KB 22ms
16ms Stylesheet
text/css 160.251.121.206
INTERQ GMO Internet

General

Check archive.org

Show headers Download Go to

Full URL: https://saison-cavyuar.com/auth/resources/css/client/na.css
Requested by: Host: saison-cavyuar.com
URL: https://saison-cavyuar.com/WebPc/login.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 160.251.121.206 , Japan, ASN7506 (INTERQ GMO Internet,Inc, JP),
Reverse DNS: v160-251-121-206.myvps.jp
Software: nginx/1.22.1 / Express
Resource Hash: cccb0643159c734ac0e73f282155e2d1d18a6cdc2d086f6dfb0c560b7a4b81be

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://saison-cavyuar.com/WebPc/login.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Thu, 30 Mar 2023 03:48:14 GMT
Last-Modified: Wed, 29 Mar 2023 13:04:42 GMT
Server: nginx/1.22.1
X-Powered-By: Express
ETag: W/"1244-1872d787821"
Content-Type: text/css; charset=UTF-8
Cache-Control: public, max-age=0
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4676

GET
H2 200 all.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/6.1.2/css/ 99 KB
17 KB 8ms
6ms Stylesheet
text/css 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.1.2/css/all.min.css

Requested by

Host: saison-cavyuar.com
URL: https://saison-cavyuar.com/WebPc/login.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c5e8e8eb22e2eaf1ad02370c22c63c04774ab0b83b4329d5945333750814bb2f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://saison-cavyuar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 30 Mar 2023 03:48:14 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 4714494
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 17188
last-modified: Mon, 25 Jul 2022 19:31:34 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "62deef96-4324"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xIHX0sUIrnNAJW8kx3u%2Fd7D%2F82rIggwknbXenPHvypjJHn43q3Q05xZOFy1hboI7qZ6NVhdXrdKtYd4d6g0jes3MMVtEWVXDSpLn9CA7RLy2C%2FPnYrseh6jKzwg8zonU5VBxwOpDjRFvlACMDi47vn3A"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7afd60376f37f5b7-NRT
expires: Tue, 19 Mar 2024 03:48:14 GMT

GET
H/1.1 200
OK jquery.js Show response
saison-cavyuar.com/auth/resources/js/ 87 KB
88 KB 21ms
14ms Script
application/javascript 160.251.121.206
INTERQ GMO Internet

General

Check archive.org

Show headers Download Go to

Full URL: https://saison-cavyuar.com/auth/resources/js/jquery.js
Requested by: Host: saison-cavyuar.com
URL: https://saison-cavyuar.com/WebPc/login.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 160.251.121.206 , Japan, ASN7506 (INTERQ GMO Internet,Inc, JP),
Reverse DNS: v160-251-121-206.myvps.jp
Software: nginx/1.22.1 / Express
Resource Hash: ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://saison-cavyuar.com/WebPc/login.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Thu, 30 Mar 2023 03:48:14 GMT
Last-Modified: Wed, 29 Mar 2023 13:04:42 GMT
Server: nginx/1.22.1
X-Powered-By: Express
ETag: W/"15d9d-1872d787825"
Content-Type: application/javascript; charset=UTF-8
Cache-Control: public, max-age=0
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 89501

GET
H/1.1

200
OK

/ Show response
www.saisoncard.co.jp/
Redirect Chain

https://saison-cavyuar.com/auth/resources/js/client/login.js
https://www.saisoncard.co.jp/

0
0

355ms
308ms

Script
text/html

45.60.48.171
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.saisoncard.co.jp/
Requested by: Host: saison-cavyuar.com
URL: https://saison-cavyuar.com/WebPc/login.html
Protocol: HTTP/1.1
Server: 45.60.48.171 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://saison-cavyuar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Redirect headers

Date: Thu, 30 Mar 2023 03:48:14 GMT
Server: nginx/1.22.1
X-Powered-By: Express
Vary: Accept
Content-Type: text/plain; charset=utf-8
Location: https://www.saisoncard.co.jp/
Connection: keep-alive
Content-Length: 51

GET
H/1.1 200
OK util.js Show response
saison-cavyuar.com/auth/resources/js/ 10 KB
10 KB 21ms
14ms Script
application/javascript 160.251.121.206
INTERQ GMO Internet

General

Check archive.org

Show headers Download Go to

Full URL: https://saison-cavyuar.com/auth/resources/js/util.js
Requested by: Host: saison-cavyuar.com
URL: https://saison-cavyuar.com/WebPc/login.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 160.251.121.206 , Japan, ASN7506 (INTERQ GMO Internet,Inc, JP),
Reverse DNS: v160-251-121-206.myvps.jp
Software: nginx/1.22.1 / Express
Resource Hash: 16c72cfeb6471cca4fe9bd270035edc31b9bd06c8bfe847e92162dc79ed06971

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://saison-cavyuar.com/WebPc/login.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Thu, 30 Mar 2023 03:48:14 GMT
Last-Modified: Wed, 29 Mar 2023 13:04:42 GMT
Server: nginx/1.22.1
X-Powered-By: Express
ETag: W/"2680-1872d787825"
Content-Type: application/javascript; charset=UTF-8
Cache-Control: public, max-age=0
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 9856

GET
H/1.1 200
OK main.js Show response
saison-cavyuar.com/auth/resources/js/ 3 KB
3 KB 22ms
15ms Script
application/javascript 160.251.121.206
INTERQ GMO Internet

General

Check archive.org

Show headers Download Go to

Full URL: https://saison-cavyuar.com/auth/resources/js/main.js
Requested by: Host: saison-cavyuar.com
URL: https://saison-cavyuar.com/WebPc/login.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 160.251.121.206 , Japan, ASN7506 (INTERQ GMO Internet,Inc, JP),
Reverse DNS: v160-251-121-206.myvps.jp
Software: nginx/1.22.1 / Express
Resource Hash: 50eaa1f9f4aab467f620a6ac31a3d2b8e534747f3fc1ceb53efd361f55ddc190

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://saison-cavyuar.com/WebPc/login.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Thu, 30 Mar 2023 03:48:14 GMT
Last-Modified: Wed, 29 Mar 2023 13:04:42 GMT
Server: nginx/1.22.1
X-Powered-By: Express
ETag: W/"c96-1872d787825"
Content-Type: application/javascript; charset=UTF-8
Cache-Control: public, max-age=0
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3222

GET
H/1.1 200
OK scopeDispSwitch.js Show response
saison-cavyuar.com/auth/resources/js/ 695 B
1023 B 24ms
15ms Script
application/javascript 160.251.121.206
INTERQ GMO Internet

General

Check archive.org

Show headers Download Go to

Full URL: https://saison-cavyuar.com/auth/resources/js/scopeDispSwitch.js
Requested by: Host: saison-cavyuar.com
URL: https://saison-cavyuar.com/WebPc/login.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 160.251.121.206 , Japan, ASN7506 (INTERQ GMO Internet,Inc, JP),
Reverse DNS: v160-251-121-206.myvps.jp
Software: nginx/1.22.1 / Express
Resource Hash: e155ba0226f162d0182589e43b857a0439b7179587a27a17369db47ee8daa0f6

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://saison-cavyuar.com/WebPc/login.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Thu, 30 Mar 2023 03:48:14 GMT
Last-Modified: Wed, 29 Mar 2023 13:04:42 GMT
Server: nginx/1.22.1
X-Powered-By: Express
ETag: W/"2b7-1872d787825"
Content-Type: application/javascript; charset=UTF-8
Cache-Control: public, max-age=0
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 695

GET
H/1.1 200
OK createIframe.js Show response
saison-cavyuar.com/auth/resources/js/ 2 KB
2 KB 33ms
11ms Script
application/javascript 160.251.121.206
INTERQ GMO Internet

General

Check archive.org

Show headers Download Go to

Full URL: https://saison-cavyuar.com/auth/resources/js/createIframe.js
Requested by: Host: saison-cavyuar.com
URL: https://saison-cavyuar.com/WebPc/login.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 160.251.121.206 , Japan, ASN7506 (INTERQ GMO Internet,Inc, JP),
Reverse DNS: v160-251-121-206.myvps.jp
Software: nginx/1.22.1 / Express
Resource Hash: 45967261719a12a56e2b520c3886881823b416bfbce7f78f292f940d868ed269

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://saison-cavyuar.com/WebPc/login.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Thu, 30 Mar 2023 03:48:14 GMT
Last-Modified: Wed, 29 Mar 2023 13:04:42 GMT
Server: nginx/1.22.1
X-Powered-By: Express
ETag: W/"67a-1872d787825"
Content-Type: application/javascript; charset=UTF-8
Cache-Control: public, max-age=0
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1658

GET
H/1.1 200
OK jquery.autoheight.js Show response
saison-cavyuar.com/auth/resources/js/ 785 B
1 KB 33ms
11ms Script
application/javascript 160.251.121.206
INTERQ GMO Internet

General

Check archive.org

Show headers Download Go to

Full URL: https://saison-cavyuar.com/auth/resources/js/jquery.autoheight.js
Requested by: Host: saison-cavyuar.com
URL: https://saison-cavyuar.com/WebPc/login.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 160.251.121.206 , Japan, ASN7506 (INTERQ GMO Internet,Inc, JP),
Reverse DNS: v160-251-121-206.myvps.jp
Software: nginx/1.22.1 / Express
Resource Hash: 7b3535353f80916bf23ff60a3943400df50a51521b5b02c62a1bee3b88af8468

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://saison-cavyuar.com/WebPc/login.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Thu, 30 Mar 2023 03:48:14 GMT
Last-Modified: Wed, 29 Mar 2023 13:04:42 GMT
Server: nginx/1.22.1
X-Powered-By: Express
ETag: W/"311-1872d787825"
Content-Type: application/javascript; charset=UTF-8
Cache-Control: public, max-age=0
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 785

GET
H/1.1 200
OK index.js Show response
saison-cavyuar.com/auth/resources/js/ 4 KB
4 KB 34ms
12ms Script
application/javascript 160.251.121.206
INTERQ GMO Internet

General

Check archive.org

Show headers Download Go to

Full URL: https://saison-cavyuar.com/auth/resources/js/index.js
Requested by: Host: saison-cavyuar.com
URL: https://saison-cavyuar.com/WebPc/login.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 160.251.121.206 , Japan, ASN7506 (INTERQ GMO Internet,Inc, JP),
Reverse DNS: v160-251-121-206.myvps.jp
Software: nginx/1.22.1 / Express
Resource Hash: 5b8bcd4cf766ecc35793da7d709d6c6c50b4c7f39b3d5c21be40b8e8a4e3e099

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://saison-cavyuar.com/WebPc/login.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Thu, 30 Mar 2023 03:48:14 GMT
Last-Modified: Wed, 29 Mar 2023 13:04:42 GMT
Server: nginx/1.22.1
X-Powered-By: Express
ETag: W/"f7e-1872d787825"
Content-Type: application/javascript; charset=UTF-8
Cache-Control: public, max-age=0
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3966

GET
H/1.1 200
OK basic.js Show response
saison-cavyuar.com/auth/resources/js/ 719 B
1 KB 35ms
12ms Script
application/javascript 160.251.121.206
INTERQ GMO Internet

General

Check archive.org

Show headers Download Go to

Full URL: https://saison-cavyuar.com/auth/resources/js/basic.js
Requested by: Host: saison-cavyuar.com
URL: https://saison-cavyuar.com/WebPc/login.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 160.251.121.206 , Japan, ASN7506 (INTERQ GMO Internet,Inc, JP),
Reverse DNS: v160-251-121-206.myvps.jp
Software: nginx/1.22.1 / Express
Resource Hash: 51f036c4216fece62909954daae4dceaf188ab706e2ec07ae5cd1f36ea3324e8

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://saison-cavyuar.com/WebPc/login.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Thu, 30 Mar 2023 03:48:14 GMT
Last-Modified: Wed, 29 Mar 2023 13:04:42 GMT
Server: nginx/1.22.1
X-Powered-By: Express
ETag: W/"2cf-1872d787825"
Content-Type: application/javascript; charset=UTF-8
Cache-Control: public, max-age=0
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 719

GET
H/1.1

200
OK

/ Show response
www.saisoncard.co.jp/
Redirect Chain

https://saison-cavyuar.com/auth/resources/js/client/clientAddclear.js
https://www.saisoncard.co.jp/

0
0

330ms
285ms

Script
text/html

45.60.48.171
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.saisoncard.co.jp/
Requested by: Host: saison-cavyuar.com
URL: https://saison-cavyuar.com/WebPc/login.html
Protocol: HTTP/1.1
Server: 45.60.48.171 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://saison-cavyuar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Redirect headers

Date: Thu, 30 Mar 2023 03:48:14 GMT
Server: nginx/1.22.1
X-Powered-By: Express
Vary: Accept
Content-Type: text/plain; charset=utf-8
Location: https://www.saisoncard.co.jp/
Connection: keep-alive
Content-Length: 51

GET
H/1.1 200
OK location.js Show response
saison-cavyuar.com/auth/resources/js/ 1 KB
2 KB 43ms
16ms Script
application/javascript 160.251.121.206
INTERQ GMO Internet

General

Check archive.org

Show headers Download Go to

Full URL: https://saison-cavyuar.com/auth/resources/js/location.js
Requested by: Host: saison-cavyuar.com
URL: https://saison-cavyuar.com/WebPc/login.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 160.251.121.206 , Japan, ASN7506 (INTERQ GMO Internet,Inc, JP),
Reverse DNS: v160-251-121-206.myvps.jp
Software: nginx/1.22.1 / Express
Resource Hash: dde34f801ba21cf1dbd58ef426063d88ad4fc7d3726f95ad7ebf002706eac40d

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://saison-cavyuar.com/WebPc/login.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Thu, 30 Mar 2023 03:48:14 GMT
Last-Modified: Wed, 29 Mar 2023 13:04:42 GMT
Server: nginx/1.22.1
X-Powered-By: Express
ETag: W/"5e2-1872d787825"
Content-Type: application/javascript; charset=UTF-8
Cache-Control: public, max-age=0
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1506

GET
H/1.1 200
OK puzzleIsOn.js Show response
saison-cavyuar.com/auth/resources/js/ 1 KB
1 KB 44ms
11ms Script
application/javascript 160.251.121.206
INTERQ GMO Internet

General

Check archive.org

Show headers Download Go to

Full URL: https://saison-cavyuar.com/auth/resources/js/puzzleIsOn.js
Requested by: Host: saison-cavyuar.com
URL: https://saison-cavyuar.com/WebPc/login.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 160.251.121.206 , Japan, ASN7506 (INTERQ GMO Internet,Inc, JP),
Reverse DNS: v160-251-121-206.myvps.jp
Software: nginx/1.22.1 / Express
Resource Hash: e567781dc75b2dc51baa2beff1c1eb5dc6436921dfaa91e4cfb9aebd4219eaae

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://saison-cavyuar.com/WebPc/login.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Thu, 30 Mar 2023 03:48:14 GMT
Last-Modified: Wed, 29 Mar 2023 13:04:42 GMT
Server: nginx/1.22.1
X-Powered-By: Express
ETag: W/"43d-1872d787825"
Content-Type: application/javascript; charset=UTF-8
Cache-Control: public, max-age=0
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1085

GET
H2 200 t.js Show response
spd-csna.securebrain.co.jp/js/ 269 KB
270 KB 124ms
9ms Script
application/javascript 52.193.187.33
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://spd-csna.securebrain.co.jp/js/t.js?ccode=saison

Requested by

Host: saison-cavyuar.com
URL: https://saison-cavyuar.com/WebPc/login.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.193.187.33 Tokyo, Japan, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-193-187-33.ap-northeast-1.compute.amazonaws.com

Software

Resource Hash

b23c225becc9e45958c538cf4841363c4ad960dc562673115239a44030f6f7c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://saison-cavyuar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 30 Mar 2023 03:48:14 GMT
x-content-type-options: nosniff
etag: W/"e89c6bd8e1d99b441e4d5e1452dec898"
x-frame-options: ALLOWALL
access-control-allow-methods: GET, POST
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=3600
access-control-allow-headers: X-Requested-With, Content-Type, x-phishwall-guid, x-phishwall-client, x-phishwall-version
content-length: 275454

GET
H/1.1 200
OK icon_saison_03.svg
saison-cavyuar.com/auth/resources/img/logo/ 4 KB
5 KB 11ms
11ms Image
image/svg+xml 160.251.121.206
INTERQ GMO Internet

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://saison-cavyuar.com/auth/resources/img/logo/icon_saison_03.svg
Requested by: Host: saison-cavyuar.com
URL: https://saison-cavyuar.com/WebPc/login.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 160.251.121.206 , Japan, ASN7506 (INTERQ GMO Internet,Inc, JP),
Reverse DNS: v160-251-121-206.myvps.jp
Software: nginx/1.22.1 / Express
Resource Hash: 2a9a2a00a40c8a424a136215aeab6dda1af941afe3b68da802b3dda239a85af7

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://saison-cavyuar.com/WebPc/login.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Thu, 30 Mar 2023 03:48:14 GMT
Last-Modified: Wed, 29 Mar 2023 13:04:42 GMT
Server: nginx/1.22.1
X-Powered-By: Express
ETag: W/"114b-1872d787825"
Content-Type: image/svg+xml
Cache-Control: public, max-age=0
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4427

GET
H/1.1 200
OK sportal.svg
saison-cavyuar.com/auth/resources/img/client/ 37 KB
37 KB 15ms
15ms Image
image/svg+xml 160.251.121.206
INTERQ GMO Internet

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://saison-cavyuar.com/auth/resources/img/client/sportal.svg
Requested by: Host: saison-cavyuar.com
URL: https://saison-cavyuar.com/WebPc/login.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 160.251.121.206 , Japan, ASN7506 (INTERQ GMO Internet,Inc, JP),
Reverse DNS: v160-251-121-206.myvps.jp
Software: nginx/1.22.1 / Express
Resource Hash: 78194da74b169b466c79454b7e6ad7751b5392f9989872b709126abd549978f3

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://saison-cavyuar.com/WebPc/login.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Thu, 30 Mar 2023 03:48:14 GMT
Last-Modified: Wed, 29 Mar 2023 13:04:42 GMT
Server: nginx/1.22.1
X-Powered-By: Express
ETag: W/"93a9-1872d787821"
Content-Type: image/svg+xml
Cache-Control: public, max-age=0
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 37801

GET
H/1.1 200
OK apple.svg
saison-cavyuar.com/auth/resources/img/client/ 10 KB
10 KB 10ms
10ms Image
image/svg+xml 160.251.121.206
INTERQ GMO Internet

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://saison-cavyuar.com/auth/resources/img/client/apple.svg
Requested by: Host: saison-cavyuar.com
URL: https://saison-cavyuar.com/WebPc/login.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 160.251.121.206 , Japan, ASN7506 (INTERQ GMO Internet,Inc, JP),
Reverse DNS: v160-251-121-206.myvps.jp
Software: nginx/1.22.1 / Express
Resource Hash: 988fe0a48015c5a56dac88172487a1f5cda96340b34d80fd94312d02e9f67865

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://saison-cavyuar.com/WebPc/login.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Thu, 30 Mar 2023 03:48:14 GMT
Last-Modified: Wed, 29 Mar 2023 13:04:42 GMT
Server: nginx/1.22.1
X-Powered-By: Express
ETag: W/"2698-1872d787821"
Content-Type: image/svg+xml
Cache-Control: public, max-age=0
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 9880

GET
H/1.1 200
OK google.png
saison-cavyuar.com/auth/resources/img/client/ 15 KB
15 KB 11ms
10ms Image
image/png 160.251.121.206
INTERQ GMO Internet

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://saison-cavyuar.com/auth/resources/img/client/google.png
Requested by: Host: saison-cavyuar.com
URL: https://saison-cavyuar.com/WebPc/login.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 160.251.121.206 , Japan, ASN7506 (INTERQ GMO Internet,Inc, JP),
Reverse DNS: v160-251-121-206.myvps.jp
Software: nginx/1.22.1 / Express
Resource Hash: 9109ebbe6a617995eeb0d623a924ce362c112094a5e21bfcae42ea0852f47148

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://saison-cavyuar.com/WebPc/login.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Thu, 30 Mar 2023 03:48:14 GMT
Last-Modified: Wed, 29 Mar 2023 13:04:42 GMT
Server: nginx/1.22.1
X-Powered-By: Express
ETag: W/"3c6d-1872d787821"
Content-Type: image/png
Cache-Control: public, max-age=0
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 15469

GET
H/1.1 200
OK logo_f.svg
saison-cavyuar.com/auth/resources/img/footer/ 4 KB
5 KB 9ms
9ms Image
image/svg+xml 160.251.121.206
INTERQ GMO Internet

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://saison-cavyuar.com/auth/resources/img/footer/logo_f.svg
Requested by: Host: saison-cavyuar.com
URL: https://saison-cavyuar.com/WebPc/login.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 160.251.121.206 , Japan, ASN7506 (INTERQ GMO Internet,Inc, JP),
Reverse DNS: v160-251-121-206.myvps.jp
Software: nginx/1.22.1 / Express
Resource Hash: ddd6300d42d57985e6b3449494bff182a7fa3f4b29a5d0e69c7ed3829bf98bd6

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://saison-cavyuar.com/WebPc/login.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Thu, 30 Mar 2023 03:48:14 GMT
Last-Modified: Wed, 29 Mar 2023 13:04:42 GMT
Server: nginx/1.22.1
X-Powered-By: Express
ETag: W/"1138-1872d787821"
Content-Type: image/svg+xml
Cache-Control: public, max-age=0
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4408

GET
H2 200 p.gif Show response
p.typekit.net/ 35 B
227 B 27ms
3ms XHR
image/gif 2600:140b:1a00:14::17dc:5494
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://p.typekit.net/p.gif?s=1&k=dkv4rfm&ht=tk&h=saison-cavyuar.com&f=43111.43113&a=69442108&js=1.9.0&app=typekit&e=js&_=1680148094769
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/dkv4rfm.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:140b:1a00:14::17dc:5494 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 9b9265c69a5cc295d1ab0d04e0273b3677db1a6216ce2ccf4efc8c277ed84b39

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://saison-cavyuar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

unused62: 8096267
date: Thu, 30 Mar 2023 03:48:14 GMT
last-modified: Sat, 09 Oct 2021 02:10:38 GMT
server: nginx
etag: "6160fa1e-23"
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 35

GET
H3 200 fa-regular-400.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/6.1.2/webfonts/ 23 KB
24 KB 19ms
13ms Font
application/octet-stream 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.1.2/webfonts/fa-regular-400.woff2

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.1.2/css/all.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7044bf4d662fb03c83f080743f3fb66370cbf737f5c991df1c545e73961da655

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.1.2/css/all.min.css
Origin: https://saison-cavyuar.com
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 30 Mar 2023 03:48:15 GMT
strict-transport-security: max-age=15780000
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 4713663
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 24028
last-modified: Mon, 25 Jul 2022 19:31:34 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "62deef96-5ddc"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=evq9mCdjVSKE2pb7PRT0niocYQyYBQXB46hndyLL34fM0aJR6TZyo3QycdTI8hmch8Lqz9Vowrl%2BTeI6KjN5go45xTNp7zDo9LLAAq5ttd8HNcYtnTvsQvIPzLAUChYmaFHSiK6LZYnlwFrlRy3fS3T4"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7afd603a8f7daf2b-NRT
expires: Tue, 19 Mar 2024 03:48:15 GMT

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Saison Card (Financial)

32 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			saison-cavyuar.com/	1969-12-31 23:59:59	Name: mercar:sid Value: s%3A0f48b6d3-6cfd-42fd-8a28-17abddfea25b.jlg7DeT0mIH5wQhq%2F6DqUzUmUyMI6tq4jha1eGdT4Ng

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdnjs.cloudflare.com
p.typekit.net
saison-cavyuar.com
spd-csna.securebrain.co.jp
use.typekit.net
www.google-analytics.com
www.googletagmanager.com
www.saisoncard.co.jp
160.251.121.206
2404:6800:4004:820::2008
2404:6800:4004:820::200e
2600:140b:1a00:14::17dc:5487
2600:140b:1a00:14::17dc:5494
2606:4700::6811:190e
45.60.48.171
52.193.187.33
08f325fb9f6991fb13a93bd7ac0bdccefa064d9ecdfe266ba0a8d9d8b5be3f05
16c72cfeb6471cca4fe9bd270035edc31b9bd06c8bfe847e92162dc79ed06971
24f890ffda2f6a7f5bf5ef14abfea98e263f54c8cf48101dedbcd017b3881f54
2a9a2a00a40c8a424a136215aeab6dda1af941afe3b68da802b3dda239a85af7
2f94d7639ccd0a0e0aea9bc3b2b88ba1f3af4f15e2197ae7edceb731e0d5e62e
45967261719a12a56e2b520c3886881823b416bfbce7f78f292f940d868ed269
50eaa1f9f4aab467f620a6ac31a3d2b8e534747f3fc1ceb53efd361f55ddc190
51f036c4216fece62909954daae4dceaf188ab706e2ec07ae5cd1f36ea3324e8
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
5b8bcd4cf766ecc35793da7d709d6c6c50b4c7f39b3d5c21be40b8e8a4e3e099
6d8b11a372fc3ba84e72c9c6a57701f588262b50a35728ef26e791507b208d9b
7044bf4d662fb03c83f080743f3fb66370cbf737f5c991df1c545e73961da655
78194da74b169b466c79454b7e6ad7751b5392f9989872b709126abd549978f3
799dca5eb648be5b4e32186032be076689c9b47f6399f16c8fb8df475cf1f45f
7b3535353f80916bf23ff60a3943400df50a51521b5b02c62a1bee3b88af8468
9109ebbe6a617995eeb0d623a924ce362c112094a5e21bfcae42ea0852f47148
988fe0a48015c5a56dac88172487a1f5cda96340b34d80fd94312d02e9f67865
9b9265c69a5cc295d1ab0d04e0273b3677db1a6216ce2ccf4efc8c277ed84b39
b23c225becc9e45958c538cf4841363c4ad960dc562673115239a44030f6f7c1
beb9f5e32ed61fbce010497242a9b6b8219242b5ffc636038e7891510c773725
c5e8e8eb22e2eaf1ad02370c22c63c04774ab0b83b4329d5945333750814bb2f
cccb0643159c734ac0e73f282155e2d1d18a6cdc2d086f6dfb0c560b7a4b81be
ddd6300d42d57985e6b3449494bff182a7fa3f4b29a5d0e69c7ed3829bf98bd6
dde34f801ba21cf1dbd58ef426063d88ad4fc7d3726f95ad7ebf002706eac40d
e155ba0226f162d0182589e43b857a0439b7179587a27a17369db47ee8daa0f6
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e567781dc75b2dc51baa2beff1c1eb5dc6436921dfaa91e4cfb9aebd4219eaae
ed1eacdff5ca58a0c04653b12bd47cd0b9274d1853ff030eba7e63a91d4e1daf
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

saison-cavyuar.com Open in urlscan Pro 160.251.121.206 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

30 Requests

93 %HTTPS

63 %IPv6

7 Domains

8 Subdomains

8 IPs

3 Countries

833 kBTransfer

1133 kBSize

1 Cookies

9 Outgoing links

Redirected requests

30 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

saison-cavyuar.com Open in urlscan Pro
160.251.121.206 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

30
Requests

93 %
HTTPS

63 %
IPv6

7
Domains

8
Subdomains

8
IPs

3
Countries

833 kB
Transfer

1133 kB
Size

1
Cookies

30 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!