www.sasakidenki.com Open in urlscan Pro
118.27.125.188 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.sasakidenki.com/event/cat65/2008/06/lee/sfe/index2.php
Submission: On October 02 via api (October 2nd 2024, 6:16:50 am UTC) from US — Scanned from JP

Summary HTTP 11 Redirects Behaviour Indicators

Summary

This website contacted 1 IPs in 1 countries across 1 domains to perform 11 HTTP transactions. The main IP is 118.27.125.188, located in Japan and belongs to INTERQ GMO Internet,Inc, JP. The main domain is www.sasakidenki.com.
TLS certificate: Issued by R10 on July 9th 2024. Valid for: 3 months.

This is the only time www.sasakidenki.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: SF Express (Transportation)

Domain & IP information

	IP Address		AS Autonomous System
11	118.27.125.188 118.27.125.188		7506 (INTERQ GM...) (INTERQ GMO Internet)
11	1

11 118.27.125.188 (Japan)

ASN7506 (INTERQ GMO Internet,Inc, JP)
PTR: 118-27-125-188.virt.lolipop.jp

www.sasakidenki.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
11	sasakidenki.com www.sasakidenki.com	578 KB
11	1

	Domain	Requested by
11	www.sasakidenki.com	www.sasakidenki.com
11	1

This site contains no links.

Subject Issuer	Validity	Valid
sasakidenki.com R10	`2024-07-09` - `2024-10-07`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://www.sasakidenki.com/event/cat65/2008/06/lee/sfe/index2.php
Frame ID: DC444743958C04FEDD4B8DC01C716BFC
Requests: 7 HTTP requests in this frame

Frame: https://www.sasakidenki.com/event/cat65/2008/06/lee/sfe/iframe/05.html
Frame ID: C69DD55611AC9469CC805E74F499E826
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

SF Express

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

\.php(?:$|\?)

Page Statistics

11
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

578 kB
Transfer

624 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

11 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request index2.php Show response www.sasakidenki.com/event/cat65/2008/06/lee/sfe/	5 KB 1 KB	740ms 439ms	Document text/html	118.27.125.188 INTERQ GMO Internet
General Check archive.org Show headers Download Go to Full URL https://www.sasakidenki.com/event/cat65/2008/06/lee/sfe/index2.php Protocol H2 Security TLS 1.3, , AES_256_GCM Server 118.27.125.188 , Japan, ASN7506 (INTERQ GMO Internet,Inc, JP), Reverse DNS 118-27-125-188.virt.lolipop.jp Software Apache / PHP/5.3.29 Resource Hash `c29ab80d5178b03700ebbaaf7c3122d08c05d56be557e31ab765e9037422b899` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Response headers accept-ranges none content-encoding gzip content-length 1287 content-type text/html date Wed, 02 Oct 2024 06:16:46 GMT server Apache vary Range,Accept-Encoding x-powered-by PHP/5.3.29
GET H2	200	form.css www.sasakidenki.com/event/cat65/2008/06/lee/sfe/css/	1 KB 490 B	66ms 66ms	Stylesheet text/css	118.27.125.188 INTERQ GMO Internet
General Check archive.org Show headers Download Go to Full URL https://www.sasakidenki.com/event/cat65/2008/06/lee/sfe/css/form.css Requested by Host: www.sasakidenki.com URL: https://www.sasakidenki.com/event/cat65/2008/06/lee/sfe/index2.php Protocol H2 Security TLS 1.3, , AES_256_GCM Server 118.27.125.188 , Japan, ASN7506 (INTERQ GMO Internet,Inc, JP), Reverse DNS 118-27-125-188.virt.lolipop.jp Software Apache / Resource Hash `52cc1e83214006996ec566906e7c506d600539e9ff50b1beb21cf6c71728ac8c` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://www.sasakidenki.com/event/cat65/2008/06/lee/sfe/index2.php Response headers content-encoding gzip accept-ranges none content-length 323 date Wed, 02 Oct 2024 06:16:46 GMT content-type text/css last-modified Mon, 31 Oct 2022 19:52:29 GMT server Apache vary Range,Accept-Encoding
GET H2	200	header.jpg www.sasakidenki.com/event/cat65/2008/06/lee/sfe/supportfiles/	16 KB 15 KB	58ms 58ms	Image image/jpeg	118.27.125.188 INTERQ GMO Internet
General Check archive.org Show headers Download Go to Show image Full URL https://www.sasakidenki.com/event/cat65/2008/06/lee/sfe/supportfiles/header.jpg Requested by Host: www.sasakidenki.com URL: https://www.sasakidenki.com/event/cat65/2008/06/lee/sfe/index2.php Protocol H2 Security TLS 1.3, , AES_256_GCM Server 118.27.125.188 , Japan, ASN7506 (INTERQ GMO Internet,Inc, JP), Reverse DNS 118-27-125-188.virt.lolipop.jp Software Apache / Resource Hash `1c5ecc302bba15d4697650c26be7574e1fd6706b10b681fdd712f4f2a89672c5` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://www.sasakidenki.com/event/cat65/2008/06/lee/sfe/index2.php Response headers content-encoding gzip accept-ranges none content-length 15004 date Wed, 02 Oct 2024 06:16:46 GMT content-type image/jpeg last-modified Mon, 31 Oct 2022 19:52:29 GMT server Apache vary Range,Accept-Encoding
GET H2	200	qr.jpg www.sasakidenki.com/event/cat65/2008/06/lee/sfe/supportfiles/	6 KB 6 KB	67ms 67ms	Image image/jpeg	118.27.125.188 INTERQ GMO Internet
General Check archive.org Show headers Download Go to Show image Full URL https://www.sasakidenki.com/event/cat65/2008/06/lee/sfe/supportfiles/qr.jpg Requested by Host: www.sasakidenki.com URL: https://www.sasakidenki.com/event/cat65/2008/06/lee/sfe/index2.php Protocol H2 Security TLS 1.3, , AES_256_GCM Server 118.27.125.188 , Japan, ASN7506 (INTERQ GMO Internet,Inc, JP), Reverse DNS 118-27-125-188.virt.lolipop.jp Software Apache / Resource Hash `76c123904c78f728b0bba001d61adadca6b55ae20d1ea4f9985eb4a2eca55502` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://www.sasakidenki.com/event/cat65/2008/06/lee/sfe/index2.php Response headers content-encoding gzip accept-ranges none content-length 6092 date Wed, 02 Oct 2024 06:16:46 GMT content-type image/jpeg last-modified Mon, 31 Oct 2022 19:52:29 GMT server Apache vary Range,Accept-Encoding
GET H2	200	banner.jpg www.sasakidenki.com/event/cat65/2008/06/lee/sfe/supportfiles/	324 KB 309 KB	54ms 53ms	Image image/jpeg	118.27.125.188 INTERQ GMO Internet
General Check archive.org Show headers Download Go to Show image Full URL https://www.sasakidenki.com/event/cat65/2008/06/lee/sfe/supportfiles/banner.jpg Requested by Host: www.sasakidenki.com URL: https://www.sasakidenki.com/event/cat65/2008/06/lee/sfe/index2.php Protocol H2 Security TLS 1.3, , AES_256_GCM Server 118.27.125.188 , Japan, ASN7506 (INTERQ GMO Internet,Inc, JP), Reverse DNS 118-27-125-188.virt.lolipop.jp Software Apache / Resource Hash `3ad9cea6365265de1b6b4976b906cd54a940e35008c3a71631985711bd9cbbc5` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://www.sasakidenki.com/event/cat65/2008/06/lee/sfe/index2.php Response headers accept-ranges none content-encoding gzip date Wed, 02 Oct 2024 06:16:46 GMT content-type image/jpeg last-modified Mon, 31 Oct 2022 19:52:29 GMT server Apache vary Range,Accept-Encoding
GET H2	200	partners.png www.sasakidenki.com/event/cat65/2008/06/lee/sfe/supportfiles/	6 KB 6 KB	43ms 43ms	Image image/png	118.27.125.188 INTERQ GMO Internet
General Check archive.org Show headers Download Go to Show image Full URL https://www.sasakidenki.com/event/cat65/2008/06/lee/sfe/supportfiles/partners.png Requested by Host: www.sasakidenki.com URL: https://www.sasakidenki.com/event/cat65/2008/06/lee/sfe/index2.php Protocol H2 Security TLS 1.3, , AES_256_GCM Server 118.27.125.188 , Japan, ASN7506 (INTERQ GMO Internet,Inc, JP), Reverse DNS 118-27-125-188.virt.lolipop.jp Software Apache / Resource Hash `bd2d58215161e0fc8ae398a2b24b37194cff3d793b9a3657e2e1a4cc5c661804` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://www.sasakidenki.com/event/cat65/2008/06/lee/sfe/index2.php Response headers content-encoding gzip accept-ranges none content-length 6143 date Wed, 02 Oct 2024 06:16:46 GMT content-type image/png last-modified Mon, 31 Oct 2022 19:52:29 GMT server Apache vary Range,Accept-Encoding
GET H2	200	04.html Show response www.sasakidenki.com/event/cat65/2008/06/lee/sfe/iframe/ Frame C69D	217 B 339 B	55ms 55ms	Document text/html	118.27.125.188 INTERQ GMO Internet
General Check archive.org Show headers Download Go to Full URL https://www.sasakidenki.com/event/cat65/2008/06/lee/sfe/iframe/04.html Requested by Host: www.sasakidenki.com URL: https://www.sasakidenki.com/event/cat65/2008/06/lee/sfe/index2.php Protocol H2 Security TLS 1.3, , AES_256_GCM Server 118.27.125.188 , Japan, ASN7506 (INTERQ GMO Internet,Inc, JP), Reverse DNS 118-27-125-188.virt.lolipop.jp Software Apache / Resource Hash `4f3329f114a3d0fe7e1ac41a0973341af15886ac643c4888318be8db896942e2` Request headers Referer https://www.sasakidenki.com/event/cat65/2008/06/lee/sfe/index2.php Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Response headers accept-ranges none content-encoding gzip content-length 171 content-type text/html date Wed, 02 Oct 2024 06:16:46 GMT last-modified Mon, 31 Oct 2022 19:52:29 GMT server Apache vary Range,Accept-Encoding
GET H2	200	04.jpg www.sasakidenki.com/event/cat65/2008/06/lee/sfe/iframe/banners/ Frame C69D	115 KB 102 KB	63ms 62ms	Image image/jpeg	118.27.125.188 INTERQ GMO Internet
General Check archive.org Show headers Download Go to Show image Full URL https://www.sasakidenki.com/event/cat65/2008/06/lee/sfe/iframe/banners/04.jpg Requested by Host: www.sasakidenki.com URL: https://www.sasakidenki.com/event/cat65/2008/06/lee/sfe/iframe/04.html Protocol H2 Security TLS 1.3, , AES_256_GCM Server 118.27.125.188 , Japan, ASN7506 (INTERQ GMO Internet,Inc, JP), Reverse DNS 118-27-125-188.virt.lolipop.jp Software Apache / Resource Hash `0218ac996d49c7496282b13fd441bfe44815fbaf24fe7d6ee9e1d5fe7d824f80` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://www.sasakidenki.com/event/cat65/2008/06/lee/sfe/iframe/04.html Response headers accept-ranges none content-encoding gzip date Wed, 02 Oct 2024 06:16:46 GMT content-type image/jpeg last-modified Mon, 31 Oct 2022 19:52:29 GMT server Apache vary Range,Accept-Encoding
GET H2	200	favicon.png www.sasakidenki.com/event/cat65/2008/06/lee/sfe/supportfiles/	3 KB 3 KB	14ms 14ms	Other image/png	118.27.125.188 INTERQ GMO Internet
General Check archive.org Show headers Download Go to Full URL https://www.sasakidenki.com/event/cat65/2008/06/lee/sfe/supportfiles/favicon.png Protocol H2 Security TLS 1.3, , AES_256_GCM Server 118.27.125.188 , Japan, ASN7506 (INTERQ GMO Internet,Inc, JP), Reverse DNS 118-27-125-188.virt.lolipop.jp Software Apache / Resource Hash `8a73edb31547956a8ef9b87d84795705f1efb0f65531c3b3a58d83fbcb6d93c9` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://www.sasakidenki.com/event/cat65/2008/06/lee/sfe/index2.php Response headers content-encoding gzip accept-ranges none content-length 2835 date Wed, 02 Oct 2024 06:16:46 GMT content-type image/png last-modified Mon, 31 Oct 2022 19:52:29 GMT server Apache vary Range,Accept-Encoding
GET H2	200	05.html Show response www.sasakidenki.com/event/cat65/2008/06/lee/sfe/iframe/ Frame C69D	217 B 338 B	14ms 14ms	Document text/html	118.27.125.188 INTERQ GMO Internet
General Check archive.org Show headers Download Go to Full URL https://www.sasakidenki.com/event/cat65/2008/06/lee/sfe/iframe/05.html Requested by Host: www.sasakidenki.com URL: https://www.sasakidenki.com/event/cat65/2008/06/lee/sfe/index2.php Protocol H2 Security TLS 1.3, , AES_256_GCM Server 118.27.125.188 , Japan, ASN7506 (INTERQ GMO Internet,Inc, JP), Reverse DNS 118-27-125-188.virt.lolipop.jp Software Apache / Resource Hash `e71c8b9cf4dfa1a336d6693ea7fd505c0f67ad8a3f56c1af85653c785653f3f6` Request headers Referer https://www.sasakidenki.com/event/cat65/2008/06/lee/sfe/iframe/04.html Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Response headers accept-ranges none content-encoding gzip content-length 170 content-type text/html date Wed, 02 Oct 2024 06:16:49 GMT last-modified Mon, 31 Oct 2022 19:52:29 GMT server Apache vary Range,Accept-Encoding
GET H2	200	05.jpg www.sasakidenki.com/event/cat65/2008/06/lee/sfe/iframe/banners/ Frame C69D	147 KB 134 KB	22ms 22ms	Image image/jpeg	118.27.125.188 INTERQ GMO Internet
General Check archive.org Show headers Download Go to Show image Full URL https://www.sasakidenki.com/event/cat65/2008/06/lee/sfe/iframe/banners/05.jpg Requested by Host: www.sasakidenki.com URL: https://www.sasakidenki.com/event/cat65/2008/06/lee/sfe/iframe/05.html Protocol H2 Security TLS 1.3, , AES_256_GCM Server 118.27.125.188 , Japan, ASN7506 (INTERQ GMO Internet,Inc, JP), Reverse DNS 118-27-125-188.virt.lolipop.jp Software Apache / Resource Hash `44c9d9efcaea62ef98c04baa0d3757b9deffd89e14faa0d54bd1f5bf9375e331` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://www.sasakidenki.com/event/cat65/2008/06/lee/sfe/iframe/05.html Response headers accept-ranges none content-encoding gzip date Wed, 02 Oct 2024 06:16:49 GMT content-type image/jpeg last-modified Mon, 31 Oct 2022 19:52:29 GMT server Apache vary Range,Accept-Encoding

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: SF Express (Transportation)

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

www.sasakidenki.com
118.27.125.188
0218ac996d49c7496282b13fd441bfe44815fbaf24fe7d6ee9e1d5fe7d824f80
1c5ecc302bba15d4697650c26be7574e1fd6706b10b681fdd712f4f2a89672c5
3ad9cea6365265de1b6b4976b906cd54a940e35008c3a71631985711bd9cbbc5
44c9d9efcaea62ef98c04baa0d3757b9deffd89e14faa0d54bd1f5bf9375e331
4f3329f114a3d0fe7e1ac41a0973341af15886ac643c4888318be8db896942e2
52cc1e83214006996ec566906e7c506d600539e9ff50b1beb21cf6c71728ac8c
76c123904c78f728b0bba001d61adadca6b55ae20d1ea4f9985eb4a2eca55502
8a73edb31547956a8ef9b87d84795705f1efb0f65531c3b3a58d83fbcb6d93c9
bd2d58215161e0fc8ae398a2b24b37194cff3d793b9a3657e2e1a4cc5c661804
c29ab80d5178b03700ebbaaf7c3122d08c05d56be557e31ab765e9037422b899
e71c8b9cf4dfa1a336d6693ea7fd505c0f67ad8a3f56c1af85653c785653f3f6

www.sasakidenki.com Open in urlscan Pro 118.27.125.188 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

11 Requests

100 %HTTPS

0 %IPv6

1 Domains

1 Subdomains

1 IPs

1 Countries

578 kBTransfer

624 kBSize

0 Cookies

0 Outgoing links

Redirected requests

11 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

1 JavaScript Global Variables

0 Cookies

Indicators

www.sasakidenki.com Open in urlscan Pro
118.27.125.188 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

11
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

578 kB
Transfer

624 kB
Size

0
Cookies

11 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!