inc.home-dr.net
Open in
urlscan Pro
115.144.69.102
Malicious Activity!
Public Scan
URL:
https://inc.home-dr.net/login.php
Submission: On May 10 via manual from JP — Scanned from JP
Submission: On May 10 via manual from JP — Scanned from JP
Summary
This website contacted 1 IPs
in 1 countries
across 1 domains to perform 14 HTTP transactions.
The main IP is 115.144.69.102, located in
Gangseo-gu, Korea, Republic Of and
belongs to KINXIDC-AS-KR KINX, KR.
The main domain is inc.home-dr.net.
TLS certificate: Issued by R3 on May 9th 2022. Valid for: 3 months.
This is the only time inc.home-dr.net was scanned on urlscan.io!
TLS certificate: Issued by R3 on May 9th 2022. Valid for: 3 months.
This is the only time inc.home-dr.net was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: SAKURA Internet (Online)Domain & IP information
| IP Address | AS Autonomous System | ||
|---|---|---|---|
| 14 | 115.144.69.102 115.144.69.102 | 9286 (KINXIDC-A...) (KINXIDC-AS-KR KINX) | |
| 14 | 1 |
| Apex Domain Subdomains |
Transfer | |
|---|---|---|
| 14 |
home-dr.net
inc.home-dr.net |
86 KB |
| 14 | 1 |
| Domain | Requested by | |
|---|---|---|
| 14 | inc.home-dr.net |
inc.home-dr.net
|
| 14 | 1 |
This site contains links to these domains. Also see Links.
| Domain |
|---|
| secure.sakura.ad.jp |
| www.sakura.ad.jp |
| help.sakura.ad.jp |
| Subject Issuer | Validity | Valid | |
|---|---|---|---|
| inc.home-dr.net R3 |
2022-05-09 - 2022-08-07 |
3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://inc.home-dr.net/login.php
Frame ID: 40557CDA70C024FE67D105527239C8F2
Requests: 14 HTTP requests in this frame
Screenshot
Page Title
会員メニュー|さくらインターネットDetected technologies
PHP
(Programming Languages)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- \.php(?:$|\?)
Flat UI
(Web Frameworks)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- <link[^>]* href=[^>]+flat-ui(?:\.min)?\.css
jQuery
(JavaScript Libraries)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- jquery[.-]([\d.]*\d)[^/]*\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
5 Outgoing links
These are links going to different origins than the main page.
URL: https://secure.sakura.ad.jp/member/searches
Title: 会員IDをお忘れの方
Title: 会員IDをお忘れの方
Search URL Search Domain Scan URL
URL: https://secure.sakura.ad.jp/member/password/resets/acceptance
Title: パスワード発行・再発行
Title: パスワード発行・再発行
Search URL Search Domain Scan URL
URL: https://secure.sakura.ad.jp/signup3/member-register/input.html
Title: 新規会員登録
Title: 新規会員登録
Search URL Search Domain Scan URL
URL: https://www.sakura.ad.jp/corporate/corp/
Title: 企業情報
Title: 企業情報
Search URL Search Domain Scan URL
URL: https://help.sakura.ad.jp/115000161182/
Title: ご不明点・お問合せ先
Title: ご不明点・お問合せ先
Search URL Search Domain Scan URL
Redirected requests
There were HTTP redirect chains for the following requests:
14 HTTP transactions
| Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
GET H2 |
Primary Request
login.php
inc.home-dr.net/ |
7 KB 3 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
flat-ui.min.css
inc.home-dr.net/public/css1/ |
128 KB 24 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
validationEngine.jquery.css
inc.home-dr.net/public/css1/ |
3 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
common.css
inc.home-dr.net/public/css1/ |
12 KB 4 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
short.css
inc.home-dr.net/public/css1/ |
9 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
header.css
inc.home-dr.net/public/css1/ |
2 KB 818 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
footer.css
inc.home-dr.net/public/css1/ |
808 B 1011 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
modal.css
inc.home-dr.net/public/css1/ |
3 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
loding.css
inc.home-dr.net/public/css1/ |
5 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
loginCommon.css
inc.home-dr.net/public/css1/ |
8 KB 3 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
loginFirstStep.css
inc.home-dr.net/public/css1/ |
1 KB 786 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
jquery-1.3.1.min.js
inc.home-dr.net/public/js/ |
54 KB 21 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
jquery.validationEngine.js
inc.home-dr.net/public/js/ |
71 KB 20 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
osu-logo.png
inc.home-dr.net/public/img/ |
3 KB 3 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: SAKURA Internet (Online)6 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| oncontextlost object| oncontextrestored function| structuredClone function| getScreenDetails function| $ function| jQuery1 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
| Domain/Path | Expires | Name / Value |
|---|---|---|
| inc.home-dr.net/ | Name: PHPSESSID Value: 12hm2p5gqe911v67atm5gtqi63 |
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
| Header | Value |
|---|---|
| Strict-Transport-Security | max-age=31536000 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
inc.home-dr.net
115.144.69.102
17ec1f16efac893b9bd89bba5f13cb1e0bf938bdc9cece6cae3ed77f18fa6fd7
19125f7d4bdc5277e66f92fe4e979618d4fd9f36749a199f3eb0b5b01d037093
1a4f7dc4200fe81a8d92276247c77e27b4ff91f286f6d887c2abf0ee94d38d04
236ef773ada586788328670c1350733ced6c50310e488e207b9ec575bc3c5a2b
2846c5272911208c5a6c1870cf26446ee45e51ccb7a0c62970bf5747afa04019
36cd065bfb7d5b67f4bd3f1ce0a0e125ad6790078b01734c44679ad7b6b60157
456f4d127f4cc0cb1c9df398f7cf5e0f481098c644f00d9e4b459531f68174b4
5571b125c687ff533cdca43764d03cc5f22ceea1be76ea5ad8f374361a006138
8dae0d4fa4a8e24c4ce334eaa7662e01f4579a155a4e933bd137acff10f52c36
a4c9701e2a239493beb245ab925e22ddc533e6c6f92cd60f26e6b7e55d0d66dc
b856c7d0fa9b4e5a01de86d4fbc5948dec1c40617589e809c5b343d9ba3740d8
ba45b967503ceb6af8922e6d809f1345e1fb3c1d213d6fb06b7abe7f5cf9497b
d1293448cfd6ca56dc36546c9065dc1b05d2b3e197c5ef8d0e9debcdd14fcda6
d5463c9ae4adc3cf4a8486dd7c21a58e00a04023546688007cc52a618f23d7be