login.saisoncord.jp.2343432.xyz Open in urlscan Pro
204.44.68.164  Malicious Activity! Public Scan

6 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

20 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
5 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request jgjkdfjkgd Show response login.saisoncord.jp.2343432.xyz/	578 B 469 B	1107ms 235ms	Document text/html	204.44.68.164 ASN-QUADRANET-GLOBAL
General Check archive.org Show headers Download Go to Full URL https://login.saisoncord.jp.2343432.xyz/jgjkdfjkgd Protocol H2 Security TLS 1.3, , AES_256_GCM Server 204.44.68.164 Los Angeles, United States, ASN8100 (ASN-QUADRANET-GLOBAL, US), Reverse DNS 204.44.68.164.static.quadranet.com Software Apache / Resource Hash bce89faf70e19fa8a726734c95c32862db2548bc395646272db8563a864c069b Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 accept-language jp-JP,jp;q=0.9 Response headers accept-ranges bytes content-encoding gzip content-length 331 content-type text/html date Sun, 10 Jul 2022 16:04:41 GMT etag "242-5e2b3d4658680-gzip" last-modified Fri, 01 Jul 2022 00:54:34 GMT server Apache vary Accept-Encoding
GET H2	200	app.0.63915724450328381656608068543.css login.saisoncord.jp.2343432.xyz/static/css/	140 KB 42 KB	251ms 248ms	Stylesheet text/css	204.44.68.164 ASN-QUADRANET-GLOBAL
General Check archive.org Show headers Download Go to Full URL https://login.saisoncord.jp.2343432.xyz/static/css/app.0.63915724450328381656608068543.css Requested by Host: login.saisoncord.jp.2343432.xyz URL: https://login.saisoncord.jp.2343432.xyz/jgjkdfjkgd Protocol H2 Security TLS 1.3, , AES_256_GCM Server 204.44.68.164 Los Angeles, United States, ASN8100 (ASN-QUADRANET-GLOBAL, US), Reverse DNS 204.44.68.164.static.quadranet.com Software Apache / Resource Hash 94105fff37a426931f4560fd6e1fb113628a9711eb7cddd0133eb86207902bfb Request headers accept-language jp-JP,jp;q=0.9 Referer https://login.saisoncord.jp.2343432.xyz/jgjkdfjkgd User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Sun, 10 Jul 2022 16:04:42 GMT content-encoding gzip last-modified Fri, 01 Jul 2022 00:54:34 GMT server Apache etag "22e57-5e2b3d4658680-gzip" vary Accept-Encoding content-type text/css accept-ranges bytes
GET H2	200	1656608068543.0.081272219551622671656608068543.js Show response login.saisoncord.jp.2343432.xyz/static/js/	235 KB 83 KB	711ms 709ms	Script application/javascript	204.44.68.164 ASN-QUADRANET-GLOBAL
General Check archive.org Show headers Download Go to Full URL https://login.saisoncord.jp.2343432.xyz/static/js/1656608068543.0.081272219551622671656608068543.js Requested by Host: login.saisoncord.jp.2343432.xyz URL: https://login.saisoncord.jp.2343432.xyz/jgjkdfjkgd Protocol H2 Security TLS 1.3, , AES_256_GCM Server 204.44.68.164 Los Angeles, United States, ASN8100 (ASN-QUADRANET-GLOBAL, US), Reverse DNS 204.44.68.164.static.quadranet.com Software Apache / Resource Hash 959839e0b931896b38928aa131691e8b2cdb3e030d56cbf5f00eef262ea30f60 Request headers accept-language jp-JP,jp;q=0.9 Referer https://login.saisoncord.jp.2343432.xyz/jgjkdfjkgd User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Sun, 10 Jul 2022 16:04:42 GMT content-encoding gzip last-modified Fri, 01 Jul 2022 00:54:34 GMT server Apache etag "3aa96-5e2b3d4658680-gzip" vary Accept-Encoding content-type application/javascript accept-ranges bytes
GET H2	200	app.0.081272219551622671656608068543.js Show response login.saisoncord.jp.2343432.xyz/static/js/	3 KB 1 KB	247ms 245ms	Script application/javascript	204.44.68.164 ASN-QUADRANET-GLOBAL
General Check archive.org Show headers Download Go to Full URL https://login.saisoncord.jp.2343432.xyz/static/js/app.0.081272219551622671656608068543.js Requested by Host: login.saisoncord.jp.2343432.xyz URL: https://login.saisoncord.jp.2343432.xyz/jgjkdfjkgd Protocol H2 Security TLS 1.3, , AES_256_GCM Server 204.44.68.164 Los Angeles, United States, ASN8100 (ASN-QUADRANET-GLOBAL, US), Reverse DNS 204.44.68.164.static.quadranet.com Software Apache / Resource Hash 73311dee524bd2b6c3277b07bc7c9246fd4a27e33a8986d2b390c1ef7caf86bc Request headers accept-language jp-JP,jp;q=0.9 Referer https://login.saisoncord.jp.2343432.xyz/jgjkdfjkgd User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Sun, 10 Jul 2022 16:04:42 GMT content-encoding gzip last-modified Fri, 01 Jul 2022 00:54:34 GMT server Apache etag "a5a-5e2b3d4658680-gzip" vary Accept-Encoding content-type application/javascript accept-ranges bytes content-length 1197
GET H2	200	4.0.141659172867396151656608068543.js Show response login.saisoncord.jp.2343432.xyz/static/js/	1 KB 636 B	236ms 235ms	Script application/javascript	204.44.68.164 ASN-QUADRANET-GLOBAL
General Check archive.org Show headers Download Go to Full URL https://login.saisoncord.jp.2343432.xyz/static/js/4.0.141659172867396151656608068543.js Requested by Host: login.saisoncord.jp.2343432.xyz URL: https://login.saisoncord.jp.2343432.xyz/static/js/1656608068543.0.081272219551622671656608068543.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 204.44.68.164 Los Angeles, United States, ASN8100 (ASN-QUADRANET-GLOBAL, US), Reverse DNS 204.44.68.164.static.quadranet.com Software Apache / Resource Hash c63c56ddec2092592593d508a0657fd456e6543dc79401bc752f6e07d5fea3eb Request headers accept-language jp-JP,jp;q=0.9 Referer https://login.saisoncord.jp.2343432.xyz/jgjkdfjkgd User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Sun, 10 Jul 2022 16:04:43 GMT content-encoding gzip last-modified Fri, 01 Jul 2022 00:54:34 GMT server Apache etag "433-5e2b3d4658680-gzip" vary Accept-Encoding content-type application/javascript accept-ranges bytes content-length 559
GET H2	200	saisoncard-v1.php Show response fh.fh-008.xyz/	1 B 603 B	751ms 730ms	XHR text/html	2606:4700:3032::ac43:b596 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://fh.fh-008.xyz/saisoncard-v1.php Requested by Host: login.saisoncord.jp.2343432.xyz URL: https://login.saisoncord.jp.2343432.xyz/static/js/1656608068543.0.081272219551622671656608068543.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3032::ac43:b596 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b Request headers Accept application/json, text/plain, */* Referer https://login.saisoncord.jp.2343432.xyz/ accept-language jp-JP,jp;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Sun, 10 Jul 2022 16:04:43 GMT content-encoding br cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding access-control-allow-methods POST content-type text/html;charset=utf-8 access-control-allow-origin * report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dtgM7F7t9FVdL2LvNTY82XFyS2PzhoJUW66yPLLNQgBrucmIAJJN50O23CG43cx5144hV8ljf5jSEcgZQpzumplG8Z6UvL7t4JJWasagy5eysZuGHYagR%2F9u%2BlqN4n%2BSjM08%2F8TrClliVah6"}],"group":"cf-nel","max_age":604800} access-control-allow-credentials true cf-ray 728a8969888e8a6c-NRT alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H2	200	jump.php Show response login.saisoncord.jp.2343432.xyz/api/	2 B 249 B	562ms 561ms	XHR text/html	204.44.68.164 ASN-QUADRANET-GLOBAL
General Check archive.org Show headers Download Go to Full URL https://login.saisoncord.jp.2343432.xyz/api/jump.php Requested by Host: login.saisoncord.jp.2343432.xyz URL: https://login.saisoncord.jp.2343432.xyz/static/js/1656608068543.0.081272219551622671656608068543.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 204.44.68.164 Los Angeles, United States, ASN8100 (ASN-QUADRANET-GLOBAL, US), Reverse DNS 204.44.68.164.static.quadranet.com Software Apache / Resource Hash d8463bd3ba4b10e5916f65fa7b0c1f9f91f67ca40cc25b48810fb2f5a3340488 Request headers Accept application/json, text/plain, */* Referer https://login.saisoncord.jp.2343432.xyz/jgjkdfjkgd accept-language jp-JP,jp;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers pragma no-cache date Sun, 10 Jul 2022 16:04:44 GMT content-encoding gzip server Apache vary Accept-Encoding access-control-allow-methods * content-type text/html;charset=utf-8 access-control-allow-origin * cache-control no-store, no-cache, must-revalidate access-control-allow-credentials true content-length 22 expires Thu, 19 Nov 1981 08:52:00 GMT
GET H2	200	3.0.141659172867396151656608068543.js Show response login.saisoncord.jp.2343432.xyz/static/js/	18 KB 10 KB	234ms 234ms	Script application/javascript	204.44.68.164 ASN-QUADRANET-GLOBAL
General Check archive.org Show headers Download Go to Full URL https://login.saisoncord.jp.2343432.xyz/static/js/3.0.141659172867396151656608068543.js Requested by Host: login.saisoncord.jp.2343432.xyz URL: https://login.saisoncord.jp.2343432.xyz/static/js/1656608068543.0.081272219551622671656608068543.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 204.44.68.164 Los Angeles, United States, ASN8100 (ASN-QUADRANET-GLOBAL, US), Reverse DNS 204.44.68.164.static.quadranet.com Software Apache / Resource Hash 58b5358d70129f42bcc751bc199a027f0183dc5cace6408fcba8a153552202e1 Request headers accept-language jp-JP,jp;q=0.9 Referer https://login.saisoncord.jp.2343432.xyz/jgjkdfjkgd User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Sun, 10 Jul 2022 16:04:44 GMT content-encoding gzip last-modified Fri, 01 Jul 2022 00:54:34 GMT server Apache etag "46e0-5e2b3d4658680-gzip" vary Accept-Encoding content-type application/javascript accept-ranges bytes content-length 9764
GET H/1.1	200 OK	index.html Show response api.saisoncard.co.jp/html/NA/PC/iframe/ Frame CC65	4 KB 4 KB	67ms 13ms	Document text/html	210.151.8.173 ODN SoftBank Corp.
General Check archive.org Show headers Download Go to Full URL https://api.saisoncard.co.jp/html/NA/PC/iframe/index.html Requested by Host: login.saisoncord.jp.2343432.xyz URL: https://login.saisoncord.jp.2343432.xyz/static/js/1656608068543.0.081272219551622671656608068543.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 210.151.8.173 , Japan, ASN4725 (ODN SoftBank Corp., JP), Reverse DNS Software Apache / Resource Hash 8acc1c37aefb20f2fc4c5812d8f94f47c85287452e4b37dc5fd6c4c75998157b Request headers Referer https://login.saisoncord.jp.2343432.xyz/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 accept-language jp-JP,jp;q=0.9 Response headers Accept-Ranges bytes Content-Length 4106 Content-Type text/html Date Sun, 10 Jul 2022 16:04:44 GMT ETag "100a" Last-Modified Tue, 14 Sep 2021 04:26:03 GMT Server Apache X-Cnection close
GET DATA	200 OK	truncated /	4 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 7829cd82e5b348bd82b5917ab6b4df98a0ca39a30a21d70735cf791e5e8b7bcf Request headers accept-language jp-JP,jp;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers Content-Type image/png
GET DATA	200 OK	truncated /	4 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 046dae1710bdf2c2a11b49acadad79bafc11b086ed2d79e3c1647f129a8b8ddd Request headers accept-language jp-JP,jp;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers Content-Type image/png
GET DATA	200 OK	truncated /	2 KB 0		Image image/gif
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash b5396b96d122928321773117aad160b5c7e0806334fc1477479123cd4a66683e Request headers accept-language jp-JP,jp;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers Content-Type image/gif
GET DATA	200 OK	truncated /	3 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 1ed19ea7ee0a908c19890a25bf56f01efe45d145f87e8f7f6964a79b8bbcec0b Request headers accept-language jp-JP,jp;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers Content-Type image/png
GET DATA	200 OK	truncated /	4 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash b0f628c4204263d06e5a028c3f2df7a264df11d2766f7dfc50fe786bebda6df8 Request headers accept-language jp-JP,jp;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers Content-Type image/png
GET H/1.1	200 OK	agreement.js Show response api.saisoncard.co.jp/html/ Frame CC65	1 KB 2 KB	5ms 4ms	Script application/javascript	210.151.8.173 ODN SoftBank Corp.
General Check archive.org Show headers Download Go to Full URL https://api.saisoncard.co.jp/html/agreement.js Requested by Host: api.saisoncard.co.jp URL: https://api.saisoncard.co.jp/html/NA/PC/iframe/index.html Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 210.151.8.173 , Japan, ASN4725 (ODN SoftBank Corp., JP), Reverse DNS Software Apache / Resource Hash 0534de8aa76330dd00be2ca15c817fb1c593ca6afca8a115cc6069dcd0cc475c Request headers accept-language jp-JP,jp;q=0.9 Referer https://api.saisoncard.co.jp/html/NA/PC/iframe/index.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers Date Sun, 10 Jul 2022 16:04:44 GMT Last-Modified Fri, 07 May 2021 09:05:31 GMT Server Apache ETag "528" Content-Type application/javascript X-Cnection close Accept-Ranges bytes Content-Length 1320
GET H/1.1	200 OK	jackIframe.css api.saisoncard.co.jp/html/NA/PC/iframe/pages/css/ Frame CC65	1 KB 2 KB	9ms 4ms	Stylesheet text/css	210.151.8.173 ODN SoftBank Corp.
General Check archive.org Show headers Download Go to Full URL https://api.saisoncard.co.jp/html/NA/PC/iframe/pages/css/jackIframe.css Requested by Host: api.saisoncard.co.jp URL: https://api.saisoncard.co.jp/html/NA/PC/iframe/index.html Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 210.151.8.173 , Japan, ASN4725 (ODN SoftBank Corp., JP), Reverse DNS Software Apache / Resource Hash 70cb0f56464f2b9816cbe66ac6886ca874a032b1599c7ff08e2c43e294fd19ee Request headers accept-language jp-JP,jp;q=0.9 Referer https://api.saisoncard.co.jp/html/NA/PC/iframe/index.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers Date Sun, 10 Jul 2022 16:04:44 GMT Last-Modified Tue, 13 Dec 2016 06:39:29 GMT Server Apache ETag "5b9" Content-Type text/css X-Cnection close Accept-Ranges bytes Content-Length 1465
GET H/1.1	200 OK	window_icon.gif api.saisoncard.co.jp/html/images/ Frame CC65	86 B 302 B	4ms 4ms	Image image/gif	210.151.8.173 ODN SoftBank Corp.
General Check archive.org Show headers Download Go to Show image Full URL https://api.saisoncard.co.jp/html/images/window_icon.gif Requested by Host: api.saisoncard.co.jp URL: https://api.saisoncard.co.jp/html/NA/PC/iframe/index.html Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 210.151.8.173 , Japan, ASN4725 (ODN SoftBank Corp., JP), Reverse DNS Software Apache / Resource Hash a348c7a8a94430562064f02f77308e3e8bbaf912420b8cd77ad3956bdfbf7df5 Request headers accept-language jp-JP,jp;q=0.9 Referer https://api.saisoncard.co.jp/html/NA/PC/iframe/index.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers Date Sun, 10 Jul 2022 16:04:44 GMT Last-Modified Wed, 04 Oct 2017 00:10:28 GMT Server Apache ETag "56" Content-Type image/gif X-Cnection close Accept-Ranges bytes Content-Length 86
GET H2	200	gtm.js Show response www.googletagmanager.com/ Frame CC65	110 KB 42 KB	79ms 40ms	Script application/javascript	2404:6800:4004:821::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtm.js?id=GTM-5M9LCS3 Requested by Host: api.saisoncard.co.jp URL: https://api.saisoncard.co.jp/html/NA/PC/iframe/index.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2404:6800:4004:821::2008 , Australia, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 01d53430571c3c6ff2e263400b8042d7ee3eded09f5030fdbfe4e6f312fc1a0f Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language jp-JP,jp;q=0.9 Referer https://api.saisoncard.co.jp/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Sun, 10 Jul 2022 16:04:44 GMT content-encoding br vary Accept-Encoding cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42452 x-xss-protection 0 last-modified Sun, 10 Jul 2022 15:00:00 GMT server Google Tag Manager strict-transport-security max-age=31536000; includeSubDomains content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Sun, 10 Jul 2022 16:04:44 GMT
GET H2	200	banner.html Show response netanswerplus.saisoncard.co.jp/WebPc/pages/images/person/login/banner/ Frame 812F	2 KB 3 KB	96ms 17ms	Document text/html	45.60.48.171 INCAPSULA
General Check archive.org Show headers Download Go to Full URL https://netanswerplus.saisoncard.co.jp/WebPc/pages/images/person/login/banner/banner.html?page=login_NAPC Requested by Host: api.saisoncard.co.jp URL: https://api.saisoncard.co.jp/html/NA/PC/iframe/index.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 45.60.48.171 , United States, ASN19551 (INCAPSULA, US), Reverse DNS Software Apache / Resource Hash d0e55331d7a1fd15db468e700c757a744ebabe4173f33ddd3083e12b4f0bfb97 Request headers Referer https://api.saisoncard.co.jp/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 accept-language jp-JP,jp;q=0.9 Response headers accept-ranges bytes access-control-allow-origin https://api.saisoncard.co.jp content-type text/html date Sun, 10 Jul 2022 16:04:44 GMT etag "973" last-modified Mon, 21 Feb 2022 05:09:39 GMT server Apache x-cdn Imperva x-cnection close x-iinfo 13-36164859-36164862 NNNN CT(3 4 0) RT(1657469084670 6) q(0 0 0 0) r(0 0) U5
GET H/1.1	200 OK	h3.gif api.saisoncard.co.jp/html/NA/PC/iframe/pages/images/ Frame CC65	120 B 337 B	4ms 4ms	Image image/gif	210.151.8.173 ODN SoftBank Corp.
General Check archive.org Show headers Download Go to Show image Full URL https://api.saisoncard.co.jp/html/NA/PC/iframe/pages/images/h3.gif Requested by Host: api.saisoncard.co.jp URL: https://api.saisoncard.co.jp/html/NA/PC/iframe/pages/css/jackIframe.css Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 210.151.8.173 , Japan, ASN4725 (ODN SoftBank Corp., JP), Reverse DNS Software Apache / Resource Hash 6dbfe2e8a966ff6518e842a34478a784dec9c08f2062692ae2e68ad9683c8631 Request headers accept-language jp-JP,jp;q=0.9 Referer https://api.saisoncard.co.jp/html/NA/PC/iframe/pages/css/jackIframe.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers Date Sun, 10 Jul 2022 16:04:44 GMT Last-Modified Thu, 12 Apr 2012 09:57:30 GMT Server Apache ETag "78" Content-Type image/gif X-Cnection close Accept-Ranges bytes Content-Length 120
GET H/1.1	200 OK	ico_arrow.gif api.saisoncard.co.jp/html/NA/PC/iframe/pages/images/ Frame CC65	197 B 414 B	5ms 4ms	Image image/gif	210.151.8.173 ODN SoftBank Corp.
General Check archive.org Show headers Download Go to Show image Full URL https://api.saisoncard.co.jp/html/NA/PC/iframe/pages/images/ico_arrow.gif Requested by Host: api.saisoncard.co.jp URL: https://api.saisoncard.co.jp/html/NA/PC/iframe/pages/css/jackIframe.css Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 210.151.8.173 , Japan, ASN4725 (ODN SoftBank Corp., JP), Reverse DNS Software Apache / Resource Hash 46b1e9712828ae8ad0dd0b7a6eb8b93aaaf6e014c97a5bf5b194749229f460c0 Request headers accept-language jp-JP,jp;q=0.9 Referer https://api.saisoncard.co.jp/html/NA/PC/iframe/pages/css/jackIframe.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers Date Sun, 10 Jul 2022 16:04:44 GMT Last-Modified Thu, 12 Apr 2012 09:57:30 GMT Server Apache ETag "c5" Content-Type image/gif X-Cnection close Accept-Ranges bytes Content-Length 197
GET H2	200	analytics.js Show response www.google-analytics.com/ Frame CC65	49 KB 20 KB	45ms 2ms	Script text/javascript	2404:6800:4004:823::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/analytics.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-5M9LCS3 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2404:6800:4004:823::200e , Australia, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210 Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language jp-JP,jp;q=0.9 Referer https://api.saisoncard.co.jp/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers strict-transport-security max-age=10886400; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff last-modified Wed, 13 Apr 2022 21:02:38 GMT server Golfe2 age 7187 date Sun, 10 Jul 2022 14:04:57 GMT vary Accept-Encoding content-type text/javascript cache-control public, max-age=7200 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 20006 expires Sun, 10 Jul 2022 16:04:57 GMT
GET H2	200	_Incapsula_Resource Show response netanswerplus.saisoncard.co.jp/ Frame 812F	149 KB 21 KB	9ms 9ms	Script application/javascript	45.60.48.171 INCAPSULA
General Check archive.org Show headers Download Go to Full URL https://netanswerplus.saisoncard.co.jp/_Incapsula_Resource?SWJIYLWA=719d34d31c8e3a6e6fffd425f7e032f3&ns=1&cb=1783589400 Requested by Host: netanswerplus.saisoncard.co.jp URL: https://netanswerplus.saisoncard.co.jp/WebPc/pages/images/person/login/banner/banner.html?page=login_NAPC Protocol H2 Security TLS 1.3, , AES_128_GCM Server 45.60.48.171 , United States, ASN19551 (INCAPSULA, US), Reverse DNS Software / Resource Hash 96d1c54684dd0f097c3bfc02e55a6a30bd6706a9850f4c4568697a7a8c45b805 Request headers accept-language jp-JP,jp;q=0.9 Referer https://netanswerplus.saisoncard.co.jp/WebPc/pages/images/person/login/banner/banner.html?page=login_NAPC User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers content-encoding gzip cache-control no-cache, no-store x-robots-tag noindex content-length 21431 content-type application/javascript
GET H2	200	2202_login_520_230.jpg netanswerplus.saisoncard.co.jp/WebPc/pages/images/person/login/images/ Frame 812F	27 KB 27 KB	19ms 18ms	Image image/jpeg	45.60.48.171 INCAPSULA
General Check archive.org Show headers Download Go to Show image Full URL https://netanswerplus.saisoncard.co.jp/WebPc/pages/images/person/login/images/2202_login_520_230.jpg Requested by Host: netanswerplus.saisoncard.co.jp URL: https://netanswerplus.saisoncard.co.jp/WebPc/pages/images/person/login/banner/banner.html?page=login_NAPC Protocol H2 Security TLS 1.3, , AES_128_GCM Server 45.60.48.171 , United States, ASN19551 (INCAPSULA, US), Reverse DNS Software Apache / Resource Hash a485d61bbecaf28799bc489e555e816b61205600d282ac15f2eeb65ff6ee12f9 Request headers accept-language jp-JP,jp;q=0.9 Referer https://netanswerplus.saisoncard.co.jp/WebPc/pages/images/person/login/banner/banner.html?page=login_NAPC User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Sun, 10 Jul 2022 16:04:44 GMT last-modified Fri, 18 Feb 2022 07:20:50 GMT server Apache etag "6ada" content-type image/jpeg access-control-allow-origin https://api.saisoncard.co.jp x-iinfo 13-36164859-36164862 PNNN RT(1657469084670 39) q(0 0 0 -1) r(0 0) U5 x-cnection close accept-ranges bytes content-length 27354 x-cdn Imperva
GET H2	200	_Incapsula_Resource netanswerplus.saisoncard.co.jp/ Frame 812F	1 B 255 B	1ms 1ms	Image text/plain	45.60.48.171 INCAPSULA
General Check archive.org Show headers Download Go to Show image Full URL https://netanswerplus.saisoncard.co.jp/_Incapsula_Resource?SWKMTFSR=1&e=0.5654055330099448 Requested by Host: netanswerplus.saisoncard.co.jp URL: https://netanswerplus.saisoncard.co.jp/WebPc/pages/images/person/login/banner/banner.html?page=login_NAPC Protocol H2 Security TLS 1.3, , AES_128_GCM Server 45.60.48.171 , United States, ASN19551 (INCAPSULA, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language jp-JP,jp;q=0.9 Referer https://netanswerplus.saisoncard.co.jp/WebPc/pages/images/person/login/banner/banner.html?page=login_NAPC User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers cache-control no-cache, no-store x-robots-tag noindex content-length 1 content-type text/plain

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Saison Card (Financial)

20 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation function| webpackJsonp object| __core-js_shared__ object| core object| global object| System function| asap function| Observable function| setImmediate function| clearImmediate object| regeneratorRuntime boolean| _babelPolyfill

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			login.saisoncord.jp.2343432.xyz/	1969-12-31 23:59:59	Name: PHPSESSID Value: jhgebg3fbv4sa8l114cifjj3rs

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.saisoncard.co.jp
fh.fh-008.xyz
login.saisoncord.jp.2343432.xyz
netanswerplus.saisoncard.co.jp
www.google-analytics.com
www.googletagmanager.com
204.44.68.164
210.151.8.173
2404:6800:4004:821::2008
2404:6800:4004:823::200e
2606:4700:3032::ac43:b596
45.60.48.171
01d53430571c3c6ff2e263400b8042d7ee3eded09f5030fdbfe4e6f312fc1a0f
046dae1710bdf2c2a11b49acadad79bafc11b086ed2d79e3c1647f129a8b8ddd
0534de8aa76330dd00be2ca15c817fb1c593ca6afca8a115cc6069dcd0cc475c
1ed19ea7ee0a908c19890a25bf56f01efe45d145f87e8f7f6964a79b8bbcec0b
46b1e9712828ae8ad0dd0b7a6eb8b93aaaf6e014c97a5bf5b194749229f460c0
58b5358d70129f42bcc751bc199a027f0183dc5cace6408fcba8a153552202e1
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6dbfe2e8a966ff6518e842a34478a784dec9c08f2062692ae2e68ad9683c8631
70cb0f56464f2b9816cbe66ac6886ca874a032b1599c7ff08e2c43e294fd19ee
73311dee524bd2b6c3277b07bc7c9246fd4a27e33a8986d2b390c1ef7caf86bc
7829cd82e5b348bd82b5917ab6b4df98a0ca39a30a21d70735cf791e5e8b7bcf
8acc1c37aefb20f2fc4c5812d8f94f47c85287452e4b37dc5fd6c4c75998157b
94105fff37a426931f4560fd6e1fb113628a9711eb7cddd0133eb86207902bfb
959839e0b931896b38928aa131691e8b2cdb3e030d56cbf5f00eef262ea30f60
96d1c54684dd0f097c3bfc02e55a6a30bd6706a9850f4c4568697a7a8c45b805
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a348c7a8a94430562064f02f77308e3e8bbaf912420b8cd77ad3956bdfbf7df5
a485d61bbecaf28799bc489e555e816b61205600d282ac15f2eeb65ff6ee12f9
b0f628c4204263d06e5a028c3f2df7a264df11d2766f7dfc50fe786bebda6df8
b5396b96d122928321773117aad160b5c7e0806334fc1477479123cd4a66683e
bce89faf70e19fa8a726734c95c32862db2548bc395646272db8563a864c069b
c63c56ddec2092592593d508a0657fd456e6543dc79401bc752f6e07d5fea3eb
d0e55331d7a1fd15db468e700c757a744ebabe4173f33ddd3083e12b4f0bfb97
d8463bd3ba4b10e5916f65fa7b0c1f9f91f67ca40cc25b48810fb2f5a3340488
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855