my-promise.com
45.88.5.253
Malicious Activity!
Public Scan
Submission: On November 23 via manual from JP
Summary
TLS certificate: Issued by TrustAsia TLS RSA CA on November 23rd 2020. Valid for: a year.
This is the only time my-promise.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: AIFUL Corporation (Financial)
Domain & IP information
Requests | IP Address | AS Autonomous System |
---|---|---|
23 (1 redirect) | 45.88.5.253 | 40676 (AS40676) |
1 | 183.79.249.252 | 24572 (YAHOO-JP-AS-AP Yahoo Japan) |
3 | 2a00:1450:4001:80b::200e | 15169 (GOOGLE) |
1 | 2a00:1450:400c:c0c::9a | 15169 (GOOGLE) |
27 requests | 4 IP addresses | |
Requests | Apex Domain | Subdomains | Transfer |
---|---|---|---|
23 | my-promise.com (1 redirect) | my-promise.com | 303 KB |
3 | google-analytics.com | www.google-analytics.com | 19 KB |
1 | doubleclick.net | stats.g.doubleclick.net | 84 B |
1 | yahoo.co.jp | b92.yahoo.co.jp | 584 B |
27 requests | 4 domains | | |
Requests | Domain | Requested by |
---|---|---|
23 | my-promise.com (1 redirect) | my-promise.com |
3 | www.google-analytics.com | my-promise.com, www.google-analytics.com |
1 | stats.g.doubleclick.net | www.google-analytics.com |
1 | b92.yahoo.co.jp | my-promise.com |
27 requests | 4 domains | |
This site contains links to these domains. Also see Links.
Domain |
---|
www.aiful.co.jp |
Subject | Issuer | Validity | Valid | Lookup |
---|---|---|---|---|
my-promise.com | TrustAsia TLS RSA CA | 2020-11-23 - 2021-11-22 | a year | crt.sh |
edge01.yahoo.co.jp | Cybertrust Japan SureServer CA G4 | 2020-10-08 - 2021-11-07 | a year | crt.sh |
*.google-analytics.com | GTS CA 1O1 | 2020-11-03 - 2021-01-26 | 3 months | crt.sh |
*.g.doubleclick.net | GTS CA 1O1 | 2020-11-03 - 2021-01-26 | 3 months | crt.sh |
This page contains 1 frame:
Primary Page:
https://my-promise.com/aiful/
Frame ID: A53E3B6A43B285C3B62D695685949217
Requests: 27 HTTP requests in this frame
Detected technologies
Nginx (Web Servers)
Detected patterns
- headers server /nginx(?:\/([\d.]+))?/i
Font Awesome (Font Scripts)
Detected patterns
- html /<link[^>]* href=[^>]+(?:([\d.]+)\/)?(?:css\/)?font-awesome(?:\.min)?\.css/i
Google Analytics (Analytics)
Detected patterns
- script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i
Slick (JavaScript Libraries)
Detected patterns
- script /(?:\/([\d.]+))?\/slick(?:\.min)?\.js/i
jQuery (JavaScript Libraries)
Detected patterns
- script /jquery[.-]([\d.]*\d)[^/]*\.js/i
- script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i
- script /(?:\/([\d.]+))?\/slick(?:\.min)?\.js/i
Page Statistics
1 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- https://my-promise.com/aiful
- HTTP 301
- https://my-promise.com/aiful/ (Page URL)
Redirected requests
There were HTTP redirect chains for the following requests:
27 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type |
---|---|---|---|---|---|---|---|
GET | H2 | / (Primary Request, Redirect Chain) | my-promise.com/aiful/ | 20 KB | 6 KB | Document | text/html |
GET | H2 | screenmsg.css | my-promise.com/aiful/css/ | 172 B | 343 B | Stylesheet | text/css |
GET | H2 | validationEngine.jquery.css | my-promise.com/aiful/css/ | 4 KB | 1 KB | Stylesheet | text/css |
GET | H2 | font-awesome.min.css | my-promise.com/aiful/css/ | 23 KB | 6 KB | Stylesheet | text/css |
GET | H2 | rw-style.css | my-promise.com/aiful/css/ | 67 KB | 14 KB | Stylesheet | text/css |
GET | H2 | jquery-1.11.3.min.js | my-promise.com/aiful/js/ | 94 KB | 37 KB | Script | application/javascript |
GET | H2 | conversion_async.js | my-promise.com/aiful/js/ | 11 KB | 5 KB | Script | application/javascript |
GET | H2 | s_retargeting.js | my-promise.com/aiful/js/ | 6 KB | 2 KB | Script | application/javascript |
GET | H2 | common.js | my-promise.com/aiful/js/ | 5 KB | 2 KB | Script | application/javascript |
GET | H2 | controlkey.js | my-promise.com/aiful/js/ | 4 KB | 2 KB | Script | application/javascript |
GET | H2 | jquery.validationEngine.js | my-promise.com/aiful/js/ | 91 KB | 23 KB | Script | application/javascript |
GET | H2 | jquery.validationEngine-ja.js | my-promise.com/aiful/js/ | 71 KB | 10 KB | Script | application/javascript |
GET | H2 | input_sp.css | my-promise.com/aiful/css/ | 7 KB | 2 KB | Stylesheet | text/css |
GET | H2 | slick.min.js | my-promise.com/aiful/js/ | 36 KB | 10 KB | Script | application/javascript |
GET | H2 | rw-logo_s.png | my-promise.com/aiful/images/ | 2 KB | 2 KB | Image | image/png |
GET | H2 | rw-icon-member.png | my-promise.com/aiful/images/ | 3 KB | 3 KB | Image | image/png |
GET | H2 | cardSample.jpeg | my-promise.com/aiful/images/ | 13 KB | 13 KB | Image | image/jpeg |
GET | H2 | Poppo_icon_sp.png | my-promise.com/aiful/images/ | 42 KB | 42 KB | Image | image/png |
GET | H2 | rw-app.js | my-promise.com/aiful/js/ | 175 KB | 49 KB | Script | application/javascript |
GET | H2 | btn_back.png | my-promise.com/aiful/images/ | 2 KB | 2 KB | Image | image/png |
GET | H2 | btn_home.png | my-promise.com/aiful/images/ | 2 KB | 2 KB | Image | image/png |
GET | H2 | / | b92.yahoo.co.jp/search/ | 0 | 584 B | Script | text/javascript |
GET | H2 | fontawesome-webfont.woff2 | my-promise.com/aiful/fonts/ | 70 KB | 70 KB | Font | font/woff2 |
GET | H2 | analytics.js | www.google-analytics.com/ | 46 KB | 18 KB | Script | text/javascript |
POST | H3-Q050 | collect | www.google-analytics.com/j/ | 4 B | 29 B | XHR | text/plain |
POST | H3-Q050 | collect | www.google-analytics.com/j/ | 2 B | 387 B | XHR | text/plain |
POST | H2 | collect | stats.g.doubleclick.net/j/ | 1 B | 84 B | XHR | text/plain |
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: AIFUL Corporation (Financial)
169 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
Type | Name |
---|---|
object | ontransitionrun |
object | ontransitionstart |
object | ontransitioncancel |
object | cookieStore |
function | showDirectoryPicker |
function | showOpenFilePicker |
function | showSaveFilePicker |
object | trustedTypes |
boolean | crossOriginIsolated |
function | $ |
function | jQuery |
function | google_trackConversion |
string | yahoo_retargeting_id |
string | yahoo_retargeting_label |
string | yahoo_retargeting_page_type |
string | yahoo_retargeting_items |
string | encoded |
function | callInitFunc |
function | setReadOnly |
function | unsetReadOnly |
function | setDisabled |
function | unsetDisabled |
function | setDisabled2 |
function | unsetDisabled2 |
function | toHalfWidth |
function | toKana |
function | setTogglePasswordEvent |
function | setCopyAndPasteDisabled |
function | screenLock |
function | theSize |
function | mobilePhoneNo1NoRequired |
function | mobilePhoneNo1 |
function | douiradio |
function | checkMaxMoney |
function | checkMinMoney |
function | checkMaxMoneyZen |
function | checkMinMoneyZen |
function | checkMaxMoneyZou |
function | checkMaxMoneyZou2 |
function | checkMinMoneyZou |
function | checkNumberInteger |
function | checkMain |
function | mailAddress |
function | foreignHeadOfState |
function | driverLlicenseKbn |
function | driverLlicense |
function | desiredAmount |
function | desiredAmountCompany |
function | mobilePhoneFirst |
function | mobilePhoneFirstNoRequired |
function | mobilePhoneSecond |
function | mobilePhoneThird |
function | phoneFirst |
function | phoneFirstNoRequired |
function | phoneSecond |
function | phoneThird |
function | companyPhoneFirst |
function | companyPhoneFirstNoRequired |
function | companyPhoneSecond |
function | companyPhoneThird |
function | password |
function | passwordConfirmation |
function | contractMethod |
function | desiredContactInformation |
function | borrowedBalance |
function | otherUseCount |
function | annualIncome |
function | annualIncomeNoRequired |
function | entryYear |
function | entryMonth |
function | entryYear2 |
function | entryMonth2 |
function | payday |
function | companySize |
function | jobCategory |
function | industry |
function | insuranceCard |
function | businessType |
function | employmentStatus |
function | todayPayment |
function | postalCode |
function | companyPostalCode |
function | addressKana |
function | companyAddressKana |
function | livingTogether |
function | tenantsYears |
function | tenantsMonth |
function | tenantsYears2 |
function | tenantsMonth2 |
function | companyName |
function | residence |
function | address |
function | dependentChild |
function | dependentFamily |
function | sexAndMarriageKbn |
function | birthdayYear |
function | birthdayMonth |
function | birthdayDay |
function | countryOfCitizenship |
function | kanjiName |
function | kanaName |
function | kanaNameNoRequired |
function | rent |
function | rentNoRequired |
function | rentThreeDigits |
function | rentNineDigits |
function | companyKanaName |
function | annualSales |
function | corporationOrIndividual |
function | desiredCreditLimit |
function | desiredCreditLimit2 |
function | desiredCreditLimit3 |
function | cardDesign |
function | sex |
function | marriageKbn |
function | changeJobNumber |
function | lendingAmount |
function | firstLendingAmount |
function | repaymentAmount |
function | repaymentFrequency |
function | desiredItem |
function | dependentFamilyInputBox |
function | dependentChildInputBox |
function | loanCount |
function | loanName1 |
function | loanBalance1 |
function | loanBalance2 |
function | loanRate1 |
function | loanRate2 |
function | loanAmount1 |
function | loanAmount2 |
function | loanRefinement1 |
function | usingFunds |
function | otherPurposeUse |
function | IncreaseBorrowing |
function | IncreaseIncome |
function | changeJob |
function | pinNumber |
function | requestlimit |
function | yearlyPay |
function | otherMoney |
function | aifulCardPassword |
function | aifulCardPasswordConf |
function | loginId |
function | loginPassword |
function | loginPasswordConfirmation |
function | paymentDay |
function | receiveCard |
function | paymentMeans |
function | paymentDayTerm |
function | deliveryRequest |
function | mailRequest |
function | giveInfoSeg |
function | guideSegExceptSelf |
function | searchFinancialInstitutions |
function | serchBranch |
function | accountNumber |
function | depositType |
function | transferPerson |
function | initTransferLoan |
function | firstTransferLoan |
function | retry |
string | GoogleAnalyticsObject |
function | ga |
object | jQuery111306981149471341226 |
object | google_tag_data |
object | gaplugins |
object | gaGlobal |
object | gaData |
4 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name | Value |
---|---|---|---|
.my-promise.com/ | | _gat_aifulbfTracker | 1 |
.my-promise.com/ | | _gat | 1 |
.my-promise.com/ | | _gid | GA1.2.2092239066.1606121306 |
.my-promise.com/ | | _ga | GA1.2.670567154.1606121306 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.