saisoncard_co_jp.bbbjz.cn Open in urlscan Pro
2606:4700:3037::6815:3564 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://saisoncard_co_jp.bbbjz.cn/?login/response_type=code
Effective URL:
https://saisoncard_co_jp.bbbjz.cn/login.php?response_type=code&client_id=ZC001&state=&scope=openid
Submission: On November 17 via manual (November 17th 2021, 11:37:15 am UTC) from JP — Scanned from JP

Summary HTTP 15 Redirects Links 5 Behaviour Indicators

Summary

This website contacted 1 IPs in 1 countries across 1 domains to perform 15 HTTP transactions. The main IP is 2606:4700:3037::6815:3564, located in United States and belongs to CLOUDFLARENET, US. The main domain is saisoncard_co_jp.bbbjz.cn.
TLS certificate: Issued by R3 on November 16th 2021. Valid for: 3 months.

This is the only time saisoncard_co_jp.bbbjz.cn was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Saison Card (Financial)

Domain & IP information

	IP Address		AS Autonomous System
1 16	2606:4700:303... 2606:4700:3037::6815:3564		13335 (CLOUDFLAR...) (CLOUDFLARENET)
15	1

16 2606:4700:3037::6815:3564 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

saisoncard_co_jp.bbbjz.cn	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
16	bbbjz.cn 1 redirects saisoncard_co_jp.bbbjz.cn	92 KB
15	1

	Domain	Requested by
16	saisoncard_co_jp.bbbjz.cn	1 redirects saisoncard_co_jp.bbbjz.cn
15	1

This site contains links to these domains. Also see Links.

Domain
netanswerplus.saisoncard.co.jp
www.saisoncard.co.jp
api.saisoncard.co.jp

Subject Issuer	Validity	Valid
*.bbbjz.cn R3	`2021-11-16` - `2022-02-14`	3 months	crt.sh

This page contains 3 frames:

Primary Page: https://saisoncard_co_jp.bbbjz.cn/login.php?response_type=code&client_id=ZC001&state=&scope=openid
Frame ID: 6090A68AC9AE54AF13B9C380AB4C16C0
Requests: 8 HTTP requests in this frame

Frame: https://saisoncard_co_jp.bbbjz.cn/static/index_1.html
Frame ID: 62ED98168B278ABF55A2DA0C3B197379
Requests: 5 HTTP requests in this frame

Frame: https://saisoncard_co_jp.bbbjz.cn/static/index_2.html
Frame ID: BF093D92B79828253B4B15459439F2D4
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

SAISON CARD Netアンサー

Page URL History Show full URLs

https://saisoncard_co_jp.bbbjz.cn/?login/response_type=code HTTP 302
https://saisoncard_co_jp.bbbjz.cn/login.php?response_type=code&client_id=ZC001&state=&scope=openid Page URL

Page Statistics

15
Requests

100 %
HTTPS

100 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

92 kB
Transfer

109 kB
Size

1
Cookies

5 Outgoing links

These are links going to different origins than the main page.

URL: https://netanswerplus.saisoncard.co.jp/WebPc/USA0201UIP01SCR.do
Title: Netアンサー新規登録（無料）

Search URL Search Domain Scan URL

URL: https://www.saisoncard.co.jp/netanswer/na009.html
Title: ID・パスワードをお忘れの方

Search URL Search Domain Scan URL

URL: https://netanswerplus.saisoncard.co.jp/WebPc/pages/images/person/faq/index.html
Title: よくあるお問い合わせ

Search URL Search Domain Scan URL

URL: https://www.saisoncard.co.jp/news/maintain
Title: メンテナンス情報

Search URL Search Domain Scan URL

URL: https://api.saisoncard.co.jp/auth/screen/7n/authorize?response_type=code&client_id=ZC003&state=&scope=openid
Title: クラブ・オン／ミレニアムカードでログイン

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://saisoncard_co_jp.bbbjz.cn/?login/response_type=code HTTP 302
https://saisoncard_co_jp.bbbjz.cn/login.php?response_type=code&client_id=ZC001&state=&scope=openid Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

15 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request login.php Show response saisoncard_co_jp.bbbjz.cn/ Redirect Chain https://saisoncard_co_jp.bbbjz.cn/?login/response_type=code https://saisoncard_co_jp.bbbjz.cn/login.php?response_type=code&client_id=ZC001&state=&scope=openid	6 KB 2 KB	214ms 213ms	Document text/html	2606:4700:3037::6815:3564 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://saisoncard_co_jp.bbbjz.cn/login.php?response_type=code&client_id=ZC001&state=&scope=openid Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3037::6815:3564 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `cf9d4aaa64d8738b38ebe798dd6b11cff02cb5caed4311c8815a52c2f2a0866a` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36 Accept-Language jp-JP,jp;q=0.9 Response headers date Wed, 17 Nov 2021 11:37:11 GMT content-type text/html; charset=UTF-8 vary Accept-Encoding expires Thu, 19 Nov 1981 08:52:00 GMT cache-control no-store, no-cache, must-revalidate, post-check=0, pre-check=0 pragma no-cache cf-cache-status DYNAMIC expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wTHBVRm5cigsrQatAS0Jq83dEKTkP3d7fsdzp4z0tZm3QRyvuuw%2FvGG5qMLNq7SJ%2BrumI2WDLc89LgogpL2aMLUf8Q10wK1lZmNUuTr3QGDifZEVUTNw%2Fum3fTIOcwpJzC%2F4Zdv%2BdfszkxhEzlOMucgsHTzp6FeQ"}],"group":"cf-nel","max_age":604800} nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare cf-ray 6af8aa652fc820b9-NRT content-encoding br alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 Redirect headers date Wed, 17 Nov 2021 11:37:11 GMT content-type text/html; charset=UTF-8 expires Thu, 19 Nov 1981 08:52:00 GMT cache-control no-store, no-cache, must-revalidate, post-check=0, pre-check=0 pragma no-cache location login.php?response_type=code&client_id=ZC001&state=&scope=openid cf-cache-status DYNAMIC expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pGltTnCinbwbs8VCccH8rG2qJh98uqgefrlew1EYG24nIV42ydkBPaGFb1ohMKqsdXOfU3CjfLOw62Yv0waUaL79OHwg3AO2SETqp%2BpWAMVNTgpaVRXp2r0WqY5ArqNoGbq9xD5Ddqt0Fy6U2WTJqaWgH6T%2BVXqp"}],"group":"cf-nel","max_age":604800} nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare cf-ray 6af8aa62996020b9-NRT alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
GET H2	200	index.css saisoncard_co_jp.bbbjz.cn/static/	17 KB 4 KB	10ms 10ms	Stylesheet text/css	2606:4700:3037::6815:3564 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://saisoncard_co_jp.bbbjz.cn/static/index.css Requested by Host: saisoncard_co_jp.bbbjz.cn URL: https://saisoncard_co_jp.bbbjz.cn/login.php?response_type=code&client_id=ZC001&state=&scope=openid Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3037::6815:3564 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `f8654300b37e18b54bad8e915a4ec78a39be0006ffda5c0f50cf25cdbb8c2ed1` Request headers Accept-Language jp-JP,jp;q=0.9 Referer https://saisoncard_co_jp.bbbjz.cn/login.php?response_type=code&client_id=ZC001&state=&scope=openid User-Agent Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36 Response headers date Wed, 17 Nov 2021 11:37:11 GMT content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 26947 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 last-modified Tue, 08 Jun 2021 02:24:08 GMT server cloudflare etag W/"60bed4c8-4541" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4afMXrhgsk7VhfYWpzg%2FX5QHtwbL1A7Aw8vq3tFrxA9vT3vvEqv6WDnsEdXMKC1OrYUSBUWqvIsDCgXWMtDvbBAXc8pNuhFkgAwYpw%2BhG81Mf%2FFRqPxRfcuh1KlRgyvd41T1I3gqZ87AOJF4s%2Bo7gfN6mmwAmDms"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=43200 cf-ray 6af8aa66ab7320b9-NRT expires Wed, 17 Nov 2021 16:08:04 GMT
GET H2	200	layout.css saisoncard_co_jp.bbbjz.cn/static/	2 KB 1 KB	10ms 10ms	Stylesheet text/css	2606:4700:3037::6815:3564 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://saisoncard_co_jp.bbbjz.cn/static/layout.css Requested by Host: saisoncard_co_jp.bbbjz.cn URL: https://saisoncard_co_jp.bbbjz.cn/login.php?response_type=code&client_id=ZC001&state=&scope=openid Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3037::6815:3564 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `4d886ba5eca8e12d1332dabd5ff1a0440318d3269c83fa24235fcec0a121a860` Request headers Accept-Language jp-JP,jp;q=0.9 Referer https://saisoncard_co_jp.bbbjz.cn/login.php?response_type=code&client_id=ZC001&state=&scope=openid User-Agent Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36 Response headers date Wed, 17 Nov 2021 11:37:11 GMT content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 26947 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 last-modified Tue, 08 Jun 2021 02:24:08 GMT server cloudflare etag W/"60bed4c8-9d4" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lolaZcSC4AXKVYDQLf1%2Fq6BDJXzay7ca9212wop7RAYSBfzoNLBMRuJBaemXr5cdbV8nX1%2BEshz0VlzS8brB0oenG9r1FiUwSfzhdsZD9%2FyDDGiFnCntH0ey8gHyis4p2aBEEMjbTuROhs6dSciKirndtNOf3XVu"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=43200 cf-ray 6af8aa66ab7420b9-NRT expires Wed, 17 Nov 2021 16:08:04 GMT
GET H2	200	icon_saison_01.png saisoncard_co_jp.bbbjz.cn/static/	4 KB 4 KB	10ms 10ms	Image image/png	2606:4700:3037::6815:3564 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://saisoncard_co_jp.bbbjz.cn/static/icon_saison_01.png Requested by Host: saisoncard_co_jp.bbbjz.cn URL: https://saisoncard_co_jp.bbbjz.cn/login.php?response_type=code&client_id=ZC001&state=&scope=openid Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3037::6815:3564 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `7829cd82e5b348bd82b5917ab6b4df98a0ca39a30a21d70735cf791e5e8b7bcf` Request headers Accept-Language jp-JP,jp;q=0.9 Referer https://saisoncard_co_jp.bbbjz.cn/login.php?response_type=code&client_id=ZC001&state=&scope=openid User-Agent Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36 Response headers date Wed, 17 Nov 2021 11:37:11 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 26947 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 content-length 3923 last-modified Tue, 08 Jun 2021 02:24:08 GMT server cloudflare etag "60bed4c8-f53" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mJvX%2BA9r1xO1RjUQNvpEKI4KCuK99fwsHYEh4FNZZCLB2%2BkSIDRNWyWVNMP2e1XJJ8WSML6uhv8iS4LcmCYuEsuiFTFL1PvxHQK%2F1uhbJAZh96%2F%2FVcqt7m%2B9WEKbXL%2F7b2uazxT7HaePou%2BmvyN5I1fgD82QPFpc"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=2592000 accept-ranges bytes cf-ray 6af8aa66bb7620b9-NRT expires Fri, 17 Dec 2021 04:08:04 GMT
GET H2	200	footer_img.png saisoncard_co_jp.bbbjz.cn/static/	4 KB 4 KB	15ms 14ms	Image image/png	2606:4700:3037::6815:3564 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://saisoncard_co_jp.bbbjz.cn/static/footer_img.png Requested by Host: saisoncard_co_jp.bbbjz.cn URL: https://saisoncard_co_jp.bbbjz.cn/login.php?response_type=code&client_id=ZC001&state=&scope=openid Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3037::6815:3564 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `046dae1710bdf2c2a11b49acadad79bafc11b086ed2d79e3c1647f129a8b8ddd` Request headers Accept-Language jp-JP,jp;q=0.9 Referer https://saisoncard_co_jp.bbbjz.cn/login.php?response_type=code&client_id=ZC001&state=&scope=openid User-Agent Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36 Response headers date Wed, 17 Nov 2021 11:37:11 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 26947 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 content-length 3585 last-modified Tue, 08 Jun 2021 02:24:09 GMT server cloudflare etag "60bed4c9-e01" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rXEH6y5PE0kwPfMNB6gVKFysvXpNaGxcOB1SyaC9sA1cdLO74m6MS1EaKgi0WN%2FE50tS%2BM2kpH3NuiMlB0WuN1XX9NlhQSSHneeIm4Rjb1H5nnuCYNXnRsCUhNJt%2Bh2ezvRnRmhwnHzACk4N%2FOpUEeYyotdTrjmt"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=2592000 accept-ranges bytes cf-ray 6af8aa66bb7720b9-NRT expires Fri, 17 Dec 2021 04:08:04 GMT
GET H2	200	index_1.html Show response saisoncard_co_jp.bbbjz.cn/static/ Frame 62ED	3 KB 2 KB	185ms 185ms	Document text/html	2606:4700:3037::6815:3564 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://saisoncard_co_jp.bbbjz.cn/static/index_1.html Requested by Host: saisoncard_co_jp.bbbjz.cn URL: https://saisoncard_co_jp.bbbjz.cn/login.php?response_type=code&client_id=ZC001&state=&scope=openid Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3037::6815:3564 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `552e3a904f5510598ff849cc53cb3107038413f0400b1eb6d417094e893ffc1a` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36 Accept-Language jp-JP,jp;q=0.9 Referer https://saisoncard_co_jp.bbbjz.cn/login.php?response_type=code&client_id=ZC001&state=&scope=openid Response headers date Wed, 17 Nov 2021 11:37:11 GMT content-type text/html last-modified Tue, 08 Jun 2021 02:24:10 GMT vary Accept-Encoding cf-cache-status DYNAMIC expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=seAK58tpSRVCuEzRsSFTE4cUKGYtqoQlN7tfKnwf8a%2FnSexeIUMA0NG2%2BiAzxk7wbqQ86pPykXuootD7NDYkMvfPawORTihcARN8C24jqM93hq8pObQqL4OVUNUKFFxNu4ojCEoWDBjLf1WhVcoWTGw7ZwZHiQmF"}],"group":"cf-nel","max_age":604800} nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare cf-ray 6af8aa66bb7920b9-NRT content-encoding br alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
GET H2	200	eye.png saisoncard_co_jp.bbbjz.cn/static/	14 KB 14 KB	9ms 8ms	Image image/png	2606:4700:3037::6815:3564 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://saisoncard_co_jp.bbbjz.cn/static/eye.png Requested by Host: saisoncard_co_jp.bbbjz.cn URL: https://saisoncard_co_jp.bbbjz.cn/static/index.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3037::6815:3564 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `da0e225d66db0a3ebf1aa9d3ba389955f3f220836f577830c6d9f12e0f9f2a4c` Request headers Accept-Language jp-JP,jp;q=0.9 Referer https://saisoncard_co_jp.bbbjz.cn/static/index.css User-Agent Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36 Response headers date Wed, 17 Nov 2021 11:37:11 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 26946 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 content-length 14292 last-modified Tue, 08 Jun 2021 02:24:09 GMT server cloudflare etag "60bed4c9-37d4" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6h7iJglwuOzHWUavkoxeSMfCNzxpbbOp8kt2jBKs1vUbM6u8ITTKENh7PrZ2elaQ7G5vN%2FegPNxz%2FkzScb8Xvo6uYebB%2FzzO0uNT91k%2FUihTao8Hwfb43NXbFnm74ypbArEa77aupyEWERn0%2B%2BGqbN1%2FtTLWXA4W"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=2592000 accept-ranges bytes cf-ray 6af8aa66cbb220b9-NRT expires Fri, 17 Dec 2021 04:08:04 GMT
GET H2	200	ie8_btnBG2.png saisoncard_co_jp.bbbjz.cn/static/	3 KB 3 KB	9ms 9ms	Image image/png	2606:4700:3037::6815:3564 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://saisoncard_co_jp.bbbjz.cn/static/ie8_btnBG2.png Requested by Host: saisoncard_co_jp.bbbjz.cn URL: https://saisoncard_co_jp.bbbjz.cn/static/index.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3037::6815:3564 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `1ed19ea7ee0a908c19890a25bf56f01efe45d145f87e8f7f6964a79b8bbcec0b` Request headers Accept-Language jp-JP,jp;q=0.9 Referer https://saisoncard_co_jp.bbbjz.cn/static/index.css User-Agent Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36 Response headers date Wed, 17 Nov 2021 11:37:11 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 26946 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 content-length 2607 last-modified Tue, 08 Jun 2021 02:24:08 GMT server cloudflare etag "60bed4c8-a2f" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=W1QFfauk%2F5PqAXTCI3PI9Vix%2BVVjby3HFNK9C3JLNDw%2BXC24128tkI82%2FXBC7ljk4rH32J09JBJIPyAuto30d1vrDC%2FxuS0%2BW6Mn9wlYyy%2FVnVAd%2BtxFm1fURhRmYmpU48BXVisgs%2BOJAHcf5Y3FIIhfn9mktyjt"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=2592000 accept-ranges bytes cf-ray 6af8aa66cbb320b9-NRT expires Fri, 17 Dec 2021 04:08:04 GMT
GET H2	200	ie8_btnBG.png saisoncard_co_jp.bbbjz.cn/static/	4 KB 5 KB	9ms 9ms	Image image/png	2606:4700:3037::6815:3564 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://saisoncard_co_jp.bbbjz.cn/static/ie8_btnBG.png Requested by Host: saisoncard_co_jp.bbbjz.cn URL: https://saisoncard_co_jp.bbbjz.cn/static/index.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3037::6815:3564 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `b0f628c4204263d06e5a028c3f2df7a264df11d2766f7dfc50fe786bebda6df8` Request headers Accept-Language jp-JP,jp;q=0.9 Referer https://saisoncard_co_jp.bbbjz.cn/static/index.css User-Agent Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36 Response headers date Wed, 17 Nov 2021 11:37:11 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 26946 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 content-length 4429 last-modified Tue, 08 Jun 2021 02:24:09 GMT server cloudflare etag "60bed4c9-114d" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fp6%2Bmd%2FltT3HHJP2KCRJ%2F6x4Rq6NwOZrnQ16Or4qudmgqNdED0cW%2FN4lnbe8IZ5Nm2pKuNxxTCEi%2Bfoq4Mk%2Fj1gzqrXZzgGO87aLTMrUBXVXfAFaNE4gj3wpbSDwgCUSBWBPjSuOWb78aFgEylJxLnyRrBoP6PQx"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=2592000 accept-ranges bytes cf-ray 6af8aa66cbb420b9-NRT expires Fri, 17 Dec 2021 04:08:04 GMT
GET H2	200	jackIframe.css saisoncard_co_jp.bbbjz.cn/static/ Frame 62ED	1 KB 1 KB	11ms 11ms	Stylesheet text/css	2606:4700:3037::6815:3564 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://saisoncard_co_jp.bbbjz.cn/static/jackIframe.css Requested by Host: saisoncard_co_jp.bbbjz.cn URL: https://saisoncard_co_jp.bbbjz.cn/static/index_1.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3037::6815:3564 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `9367d7e393890c3356b555a12f37fb086049e47cf9ce0aa1c69881a0c19e29fa` Request headers Accept-Language jp-JP,jp;q=0.9 Referer https://saisoncard_co_jp.bbbjz.cn/static/index_1.html User-Agent Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36 Response headers date Wed, 17 Nov 2021 11:37:11 GMT content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 26947 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 last-modified Tue, 08 Jun 2021 02:24:08 GMT server cloudflare etag W/"60bed4c8-5a9" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HCDJrXiWN%2BJsUdLXDxIh0d01%2FDXZ9a2jQD2gXpLm%2Fg%2F5IzWCQUlq4Cc%2FNlkttpmukRdWBbyIr8G%2BmgTVQFdc2l7tokNGVo%2FFefB535KsQNo567a6yobG1qs2tRG1%2FC1EcMWGc%2F3VXRTKZbsH3o6P8rjtm%2FsTr3ZJ"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=43200 cf-ray 6af8aa682eaf20b9-NRT expires Wed, 17 Nov 2021 16:08:04 GMT
GET H2	200	window_icon.gif saisoncard_co_jp.bbbjz.cn/static/ Frame 62ED	86 B 441 B	18ms 18ms	Image image/gif	2606:4700:3037::6815:3564 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://saisoncard_co_jp.bbbjz.cn/static/window_icon.gif Requested by Host: saisoncard_co_jp.bbbjz.cn URL: https://saisoncard_co_jp.bbbjz.cn/static/index_1.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3037::6815:3564 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `a348c7a8a94430562064f02f77308e3e8bbaf912420b8cd77ad3956bdfbf7df5` Request headers Accept-Language jp-JP,jp;q=0.9 Referer https://saisoncard_co_jp.bbbjz.cn/static/index_1.html User-Agent Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36 Response headers date Wed, 17 Nov 2021 11:37:11 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 26947 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 content-length 86 last-modified Tue, 08 Jun 2021 02:24:08 GMT server cloudflare etag "60bed4c8-56" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ICHhJLs813mkLTISyy8jSWRJw1mZE3cADFbHZHTPlr%2FldDtdsMY6mI04P3PnqonXE4IaKXB5de0blG6JQ2o4JpvhR6dpKsccuAawhPT%2Bxw4wN6zgHHpXdHF%2F1l7IHZjOD8uieRr0oaRg8Ps5RBcUppU87teiH04y"}],"group":"cf-nel","max_age":604800} content-type image/gif cache-control max-age=2592000 accept-ranges bytes cf-ray 6af8aa682eb520b9-NRT expires Fri, 17 Dec 2021 04:08:04 GMT
GET H2	200	index_2.html Show response saisoncard_co_jp.bbbjz.cn/static/ Frame BF09	827 B 717 B	183ms 183ms	Document text/html	2606:4700:3037::6815:3564 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://saisoncard_co_jp.bbbjz.cn/static/index_2.html Requested by Host: saisoncard_co_jp.bbbjz.cn URL: https://saisoncard_co_jp.bbbjz.cn/static/index_1.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3037::6815:3564 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `7bbdc7e793682202a44b508fab1c898d86fa50d30898ca6985c3bef851a01867` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36 Accept-Language jp-JP,jp;q=0.9 Referer https://saisoncard_co_jp.bbbjz.cn/static/index_1.html Response headers date Wed, 17 Nov 2021 11:37:11 GMT content-type text/html last-modified Tue, 08 Jun 2021 02:24:09 GMT cf-cache-status DYNAMIC expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CQCF056vffJ%2BZ3SG44FHCubLMcYhWfF5M3UzCFYi7rBm%2BOiWOXIliRm%2FLPrSXsT%2Ba4Uy9Hk0WWnB7ivhBsNk9Dato%2FGktiznTqlARhMpfo5j9KNphZYBi8scMKnhX33I%2BkkH5eIv0UpnLZsATxjP7tScnuVnRLFU"}],"group":"cf-nel","max_age":604800} nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare cf-ray 6af8aa682eb920b9-NRT content-encoding br alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
GET H2	200	h3.gif saisoncard_co_jp.bbbjz.cn/static/ Frame 62ED	120 B 453 B	17ms 16ms	Image image/gif	2606:4700:3037::6815:3564 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://saisoncard_co_jp.bbbjz.cn/static/h3.gif Requested by Host: saisoncard_co_jp.bbbjz.cn URL: https://saisoncard_co_jp.bbbjz.cn/static/jackIframe.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3037::6815:3564 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `6dbfe2e8a966ff6518e842a34478a784dec9c08f2062692ae2e68ad9683c8631` Request headers Accept-Language jp-JP,jp;q=0.9 Referer https://saisoncard_co_jp.bbbjz.cn/static/jackIframe.css User-Agent Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36 Response headers date Wed, 17 Nov 2021 11:37:11 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 26946 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 content-length 120 last-modified Tue, 08 Jun 2021 02:24:08 GMT server cloudflare etag "60bed4c8-78" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MK8MOO6BdDKY7282oy8sxTHh2c7Q8qQH1XnxPEK2BuV0xNfO7ks8MlAz%2FK1ujnTJNTbDnuGFhGn3oQ2%2FEvySTHWcSv3Rxt8Zq%2Fn9pEteT%2FlkM0uQXAXDWtSQ0Bq1hE00FfC1ikaOcKfjK2VeI7D7PpquDDtQpZBM"}],"group":"cf-nel","max_age":604800} content-type image/gif cache-control max-age=2592000 accept-ranges bytes cf-ray 6af8aa685f1220b9-NRT expires Fri, 17 Dec 2021 04:08:05 GMT
GET H2	200	ico_arrow.gif saisoncard_co_jp.bbbjz.cn/static/ Frame 62ED	197 B 787 B	20ms 19ms	Image image/gif	2606:4700:3037::6815:3564 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://saisoncard_co_jp.bbbjz.cn/static/ico_arrow.gif Requested by Host: saisoncard_co_jp.bbbjz.cn URL: https://saisoncard_co_jp.bbbjz.cn/static/jackIframe.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3037::6815:3564 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `46b1e9712828ae8ad0dd0b7a6eb8b93aaaf6e014c97a5bf5b194749229f460c0` Request headers Accept-Language jp-JP,jp;q=0.9 Referer https://saisoncard_co_jp.bbbjz.cn/static/jackIframe.css User-Agent Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36 Response headers date Wed, 17 Nov 2021 11:37:11 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 26946 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 content-length 197 last-modified Tue, 08 Jun 2021 02:24:09 GMT server cloudflare etag "60bed4c9-c5" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Gp5nP2Cg2vSJ0imVm0lnGE%2BNxUkkIlAmI0kxPfUznwX%2Bm8dARnZJFrvCHUtdoZt8G8%2B5acrDyLMl5cg57V06Is%2BBNh9r3P%2FEDtchTgmS2CEDj%2BDKXsirbWeF8fg1Z4gojBPoBBI59QrXMICqNH1doyqXYBL7GzaO"}],"group":"cf-nel","max_age":604800} content-type image/gif cache-control max-age=2592000 accept-ranges bytes cf-ray 6af8aa685f1420b9-NRT expires Fri, 17 Dec 2021 04:08:05 GMT
GET H2	200	C59230banner_520_230_CS_1.jpg saisoncard_co_jp.bbbjz.cn/static/ Frame BF09	49 KB 49 KB	16ms 15ms	Image image/jpeg	2606:4700:3037::6815:3564 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://saisoncard_co_jp.bbbjz.cn/static/C59230banner_520_230_CS_1.jpg Requested by Host: saisoncard_co_jp.bbbjz.cn URL: https://saisoncard_co_jp.bbbjz.cn/static/index_2.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3037::6815:3564 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `5adb62fd4421883e71ab213d58415c3da5fd194d9eb382edd576c2742517ea38` Request headers Accept-Language jp-JP,jp;q=0.9 Referer https://saisoncard_co_jp.bbbjz.cn/static/index_2.html User-Agent Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36 Response headers date Wed, 17 Nov 2021 11:37:11 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 26946 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 content-length 49801 last-modified Tue, 08 Jun 2021 02:24:08 GMT server cloudflare etag "60bed4c8-c289" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wXResR%2FxHEp2DHtzxZTwHvW1AzdDFkujrU%2BtvBcYe3r%2B4Dm691bcEd4Nq9i379KEBE6h68HkxpoMcnvjADpJRKNTfVyOZA8YP4E1NJoc3fW4GnuJpPAnzJB8GV%2B4kTNlNGzJVk6P7UQfEJ6FIEJdWuKMTVKDq4GP"}],"group":"cf-nel","max_age":604800} content-type image/jpeg cache-control max-age=2592000 accept-ranges bytes cf-ray 6af8aa698a0c20b9-NRT expires Fri, 17 Dec 2021 04:08:05 GMT

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Saison Card (Financial)

5 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			saisoncard_co_jp.bbbjz.cn/	1969-12-31 23:59:59	Name: PHPSESSID Value: 7rhjk5rm49rcropla2utmjt6m4

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

saisoncard_co_jp.bbbjz.cn
2606:4700:3037::6815:3564
046dae1710bdf2c2a11b49acadad79bafc11b086ed2d79e3c1647f129a8b8ddd
1ed19ea7ee0a908c19890a25bf56f01efe45d145f87e8f7f6964a79b8bbcec0b
46b1e9712828ae8ad0dd0b7a6eb8b93aaaf6e014c97a5bf5b194749229f460c0
4d886ba5eca8e12d1332dabd5ff1a0440318d3269c83fa24235fcec0a121a860
552e3a904f5510598ff849cc53cb3107038413f0400b1eb6d417094e893ffc1a
5adb62fd4421883e71ab213d58415c3da5fd194d9eb382edd576c2742517ea38
6dbfe2e8a966ff6518e842a34478a784dec9c08f2062692ae2e68ad9683c8631
7829cd82e5b348bd82b5917ab6b4df98a0ca39a30a21d70735cf791e5e8b7bcf
7bbdc7e793682202a44b508fab1c898d86fa50d30898ca6985c3bef851a01867
9367d7e393890c3356b555a12f37fb086049e47cf9ce0aa1c69881a0c19e29fa
a348c7a8a94430562064f02f77308e3e8bbaf912420b8cd77ad3956bdfbf7df5
b0f628c4204263d06e5a028c3f2df7a264df11d2766f7dfc50fe786bebda6df8
cf9d4aaa64d8738b38ebe798dd6b11cff02cb5caed4311c8815a52c2f2a0866a
da0e225d66db0a3ebf1aa9d3ba389955f3f220836f577830c6d9f12e0f9f2a4c
f8654300b37e18b54bad8e915a4ec78a39be0006ffda5c0f50cf25cdbb8c2ed1

saisoncard_co_jp.bbbjz.cn Open in urlscan Pro 2606:4700:3037::6815:3564 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

15 Requests

100 %HTTPS

100 %IPv6

1 Domains

1 Subdomains

1 IPs

1 Countries

92 kBTransfer

109 kBSize

1 Cookies

5 Outgoing links

Page URL History

Redirected requests

15 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

5 JavaScript Global Variables

1 Cookies

Indicators

saisoncard_co_jp.bbbjz.cn Open in urlscan Pro
2606:4700:3037::6815:3564 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

15
Requests

100 %
HTTPS

100 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

92 kB
Transfer

109 kB
Size

1
Cookies

15 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!