saikou.xrea.jp
150.95.9.227
Malicious Activity!
Public Scan
Submission: On August 29 via manual from JP
Summary
This is the only time saikou.xrea.jp was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: PayPay (Financial)
Domain & IP information
Requests | IP Address | AS Autonomous System |
---|---|---|
7 | 150.95.9.227 | 58791 (GMOOSK-NET GMO Internet) |

Total: 7 requests, 1 IP address
ASN58791 (GMOOSK-NET GMO Internet,Inc, JP)
PTR: s1007.xrea.com
saikou.xrea.jp
Requests | Apex Domain | Subdomains | Transfer |
---|---|---|---|
7 | xrea.jp | saikou.xrea.jp | 219 KB |

Total: 7 requests, 1 apex domain
Requests | Domain | Requested by |
---|---|---|
7 | saikou.xrea.jp | saikou.xrea.jp |

Total: 7 requests, 1 domain
This site contains links to these domains. Also see Links.
Domain |
---|
ameblo.jp |
www.asahi-shoes.co.jp |
www.gunze.style |
www.paypay-corp.co.jp |
itp.ne.jp |
This page contains 1 frames:
Primary Page:
http://saikou.xrea.jp/
Frame ID: BE63F94F2426AD2713484EEA2AA97E32
Requests: 7 HTTP requests in this frame
5 Outgoing links
These are links going to different origins than the main page.
Title: さいこうブログ
Title: 「快歩主義 」
Title: 「グンゼ快適工房」
Title: スマホ決算OK
Title: iタウンページ
7 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type |
---|---|---|---|---|---|---|---|
GET | H/1.1 | / (Primary Request) | saikou.xrea.jp/ | 6 KB | 2 KB | Document | text/html |
GET | H/1.1 | saiko.css | saikou.xrea.jp/ | 2 KB | 1 KB | Stylesheet | text/css |
GET | H/1.1 | logo2.png | saikou.xrea.jp/ | 5 KB | 5 KB | Image | image/png |
GET | H/1.1 | shop.png | saikou.xrea.jp/ | 153 KB | 153 KB | Image | image/png |
GET | H/1.1 | test.jpg | saikou.xrea.jp/ | 33 KB | 33 KB | Image | image/jpeg |
GET | H/1.1 | staff.png | saikou.xrea.jp/ | 20 KB | 20 KB | Image | image/png |
GET | H/1.1 | img_logo.png | saikou.xrea.jp/ | 3 KB | 3 KB | Image | image/png |
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: PayPay (Financial)
0 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.