abe-koffice.sakura.ne.jp
Open in
urlscan Pro
49.212.207.39
Malicious Activity!
Public Scan
Submitted URL: https://www.eyedentity.com.au/vraodbstzlwhxm
Effective URL: https://abe-koffice.sakura.ne.jp/rscontrol/jp/index.apx.html?86a5fb0c1986f53540cce63d9e80b01a
Submission: On August 22 via manual from JP — Scanned from AU
Effective URL: https://abe-koffice.sakura.ne.jp/rscontrol/jp/index.apx.html?86a5fb0c1986f53540cce63d9e80b01a
Submission: On August 22 via manual from JP — Scanned from AU
Summary
This website contacted 1 IPs
in 2 countries
across 2 domains to perform 18 HTTP transactions.
The main IP is 49.212.207.39, located in
Japan and
belongs to SAKURA-C SAKURA Internet Inc., JP.
The main domain is abe-koffice.sakura.ne.jp.
TLS certificate: Issued by Gehirn Managed Certification Authorit... on May 16th 2023. Valid for: a year.
This is the only time abe-koffice.sakura.ne.jp was scanned on urlscan.io!
TLS certificate: Issued by Gehirn Managed Certification Authorit... on May 16th 2023. Valid for: a year.
This is the only time abe-koffice.sakura.ne.jp was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: SAKURA Internet (Online)Domain & IP information
| IP Address | AS Autonomous System | ||
|---|---|---|---|
| 1 1 | 122.201.103.103 122.201.103.103 | 38719 (DREAMSCAP...) (DREAMSCAPE-AS-AP Dreamscape Networks Limited) | |
| 3 21 | 49.212.207.39 49.212.207.39 | 9371 (SAKURA-C ...) (SAKURA-C SAKURA Internet Inc.) | |
| 18 | 1 |
1
122.201.103.103
(Australia)
ASN38719 (DREAMSCAPE-AS-AP Dreamscape Networks Limited, AU)
PTR: s1.sitecare.com.au
ASN38719 (DREAMSCAPE-AS-AP Dreamscape Networks Limited, AU)
PTR: s1.sitecare.com.au
| www.eyedentity.com.au |
21
49.212.207.39
(Japan)
ASN9371 (SAKURA-C SAKURA Internet Inc., JP)
PTR: www3029.sakura.ne.jp
ASN9371 (SAKURA-C SAKURA Internet Inc., JP)
PTR: www3029.sakura.ne.jp
| abe-koffice.sakura.ne.jp |
| Apex Domain Subdomains |
Transfer | |
|---|---|---|
| 21 |
sakura.ne.jp
3 redirects
abe-koffice.sakura.ne.jp |
367 KB |
| 1 |
eyedentity.com.au
1 redirects
www.eyedentity.com.au |
266 B |
| 18 | 2 |
| Domain | Requested by | |
|---|---|---|
| 21 | abe-koffice.sakura.ne.jp |
3 redirects
abe-koffice.sakura.ne.jp
|
| 1 | www.eyedentity.com.au | 1 redirects |
| 18 | 2 |
This site contains no links.
| Subject Issuer | Validity | Valid | |
|---|---|---|---|
| *.sakura.ne.jp Gehirn Managed Certification Authority - RSA DV |
2023-05-16 - 2024-05-29 |
a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://abe-koffice.sakura.ne.jp/rscontrol/jp/index.apx.html?86a5fb0c1986f53540cce63d9e80b01a
Frame ID: 6BB7D5D932138ABEC716E6D35156C26B
Requests: 18 HTTP requests in this frame
Screenshot
Page Title
会員メニュー|さくらインターネットPage URL History Show full URLs
-
https://www.eyedentity.com.au/vraodbstzlwhxm
HTTP 302
https://abe-koffice.sakura.ne.jp/rscontrol/ HTTP 302
https://abe-koffice.sakura.ne.jp/rscontrol/jp?f817f00de0392844808a9683bf31972e HTTP 301
https://abe-koffice.sakura.ne.jp/rscontrol/jp/?f817f00de0392844808a9683bf31972e HTTP 302
https://abe-koffice.sakura.ne.jp/rscontrol/jp/index.apx.html?86a5fb0c1986f53540cce63d9e80b01a Page URL
Detected technologies
Flat UI
(Web Frameworks)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- <link[^>]* href=[^>]+flat-ui(?:\.min)?\.css
jQuery
(JavaScript Libraries)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- jquery[.-]([\d.]*\d)[^/]*\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://www.eyedentity.com.au/vraodbstzlwhxm
HTTP 302
https://abe-koffice.sakura.ne.jp/rscontrol/ HTTP 302
https://abe-koffice.sakura.ne.jp/rscontrol/jp?f817f00de0392844808a9683bf31972e HTTP 301
https://abe-koffice.sakura.ne.jp/rscontrol/jp/?f817f00de0392844808a9683bf31972e HTTP 302
https://abe-koffice.sakura.ne.jp/rscontrol/jp/index.apx.html?86a5fb0c1986f53540cce63d9e80b01a Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
18 HTTP transactions
| Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
GET H2 |
Primary Request
index.apx.html
abe-koffice.sakura.ne.jp/rscontrol/jp/ Redirect Chain
|
7 KB 7 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
flat-ui.min.css
abe-koffice.sakura.ne.jp/rscontrol/jp/css/ |
128 KB 128 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
validationEngine.jquery.css
abe-koffice.sakura.ne.jp/rscontrol/jp/css/ |
3 KB 4 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
common.css
abe-koffice.sakura.ne.jp/rscontrol/jp/css/ |
12 KB 12 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
short.css
abe-koffice.sakura.ne.jp/rscontrol/jp/css/ |
9 KB 9 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
header.css
abe-koffice.sakura.ne.jp/rscontrol/jp/css/ |
2 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
footer.css
abe-koffice.sakura.ne.jp/rscontrol/jp/css/ |
808 B 999 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
modal.css
abe-koffice.sakura.ne.jp/rscontrol/jp/css/ |
3 KB 4 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
loding.css
abe-koffice.sakura.ne.jp/rscontrol/jp/css/ |
5 KB 5 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
loginCommon.css
abe-koffice.sakura.ne.jp/rscontrol/jp/css/ |
8 KB 8 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
loginFirstStep.css
abe-koffice.sakura.ne.jp/rscontrol/jp/css/ |
1 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
jquery-1.11.2.min.js
abe-koffice.sakura.ne.jp/rscontrol/jp/js/ |
94 KB 94 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
jquery.validationEngine.js
abe-koffice.sakura.ne.jp/rscontrol/jp/js/ |
71 KB 72 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
jquery.validationEngine-ja.js
abe-koffice.sakura.ne.jp/rscontrol/jp/js/ |
9 KB 9 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
jquery.cookie.js
abe-koffice.sakura.ne.jp/rscontrol/jp/js/ |
3 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
loginCommon.js
abe-koffice.sakura.ne.jp/rscontrol/jp/js/ |
987 B 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
loginFirstStep.js
abe-koffice.sakura.ne.jp/rscontrol/jp/js/ |
2 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
osu-logo.png@v202212011000
abe-koffice.sakura.ne.jp/rscontrol/jp/img/ |
3 KB 3 KB |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: SAKURA Internet (Online)7 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| documentPictureInPicture function| $ function| jQuery function| isAvaliableCookie boolean| submitFlg function| submitLoginForFirstStep function| sidToMigrate1 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
| Domain/Path | Expires | Name / Value |
|---|---|---|
| abe-koffice.sakura.ne.jp/ | Name: PHPSESSID Value: fal54e8lk5i626fnn4hgjujidq |
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
| Header | Value |
|---|---|
| X-Content-Type-Options | nosniff |
| X-Xss-Protection | 1; mode=block |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
abe-koffice.sakura.ne.jp
www.eyedentity.com.au
122.201.103.103
49.212.207.39
236ef773ada586788328670c1350733ced6c50310e488e207b9ec575bc3c5a2b
264822cd573baaa4220b359d0d3747e568c1161e3c534d4347576927f0faed53
2846c5272911208c5a6c1870cf26446ee45e51ccb7a0c62970bf5747afa04019
2ecd295d295bec062cedebe177e54b9d6b19fc0a841dc5c178c654c9ccff09c0
36cd065bfb7d5b67f4bd3f1ce0a0e125ad6790078b01734c44679ad7b6b60157
456f4d127f4cc0cb1c9df398f7cf5e0f481098c644f00d9e4b459531f68174b4
5571b125c687ff533cdca43764d03cc5f22ceea1be76ea5ad8f374361a006138
8239470010dc29f2aba903b52545984feba6117e6b6aaeb1acfb44a90b1a3fd2
8dae0d4fa4a8e24c4ce334eaa7662e01f4579a155a4e933bd137acff10f52c36
a16f620d7bf133467ec237f01aa12350a4c3f6733b73da511d146af06a151dc0
a4c9701e2a239493beb245ab925e22ddc533e6c6f92cd60f26e6b7e55d0d66dc
b84161c9fbf7520cd14e7019f92120bd87a928a074156e91a992eba9fc9436e8
ba45b967503ceb6af8922e6d809f1345e1fb3c1d213d6fb06b7abe7f5cf9497b
c67ecff6560d5ac3aeecc0252b491ed2bfeb0f852cd0136ac0b4a473f900d470
cf49f93035fd818e203ff820908749d5f8d1f8c8d9ae2391557f68ecbb748b73
d1293448cfd6ca56dc36546c9065dc1b05d2b3e197c5ef8d0e9debcdd14fcda6
d5463c9ae4adc3cf4a8486dd7c21a58e00a04023546688007cc52a618f23d7be
e4a61f1e5d9c775b820ce2cbd43b9f1ef57bdf9412c5351f32dae82cfb7e0b1a