www.line293.xyz Open in urlscan Pro
103.231.167.206  Malicious Activity! Public Scan

URL: https://www.line293.xyz/
Submission Tags: [phishing]
Submission: On February 24 via api from JP — Scanned from JP

Summary

This website contacted 1 IPs in 1 countries across 1 domains to perform 10 HTTP transactions. The main IP is 103.231.167.206, located in Hong Kong and belongs to BCPL-SG BGPNET Global ASN, SG. The main domain is www.line293.xyz.
TLS certificate: Issued by R3 on February 22nd 2022. Valid for: 3 months.
This is the only time www.line293.xyz was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Line (Online)

Domain & IP information

IP Address AS Autonomous System
10 103.231.167.206 64050 (BCPL-SG B...)
10 1
Apex Domain
Subdomains
Transfer
10 line293.xyz
www.line293.xyz
66 KB
10 1
Domain Requested by
10 www.line293.xyz www.line293.xyz
10 1

This site contains no links.

Subject Issuer Validity Valid
line576.xyz
R3
2022-02-22 -
2022-05-23
3 months crt.sh

This page contains 1 frames:

Primary Page: https://www.line293.xyz/
Frame ID: 4903C6AD5587C1330FEC80AA5BEA4F29
Requests: 10 HTTP requests in this frame

Screenshot

Page Title

Line

Detected technologies

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

10
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

66 kB
Transfer

131 kB
Size

2
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

10 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
www.line293.xyz/
3 KB
2 KB
Document
General
Full URL
https://www.line293.xyz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.231.167.206 , Hong Kong, ASN64050 (BCPL-SG BGPNET Global ASN, SG),
Reverse DNS
Software
nginx /
Resource Hash
9b4984d9db940b0b680b6cf18c38c5ae58fd6642986ac5a15b3e204fff3a01b9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
jp-JP,jp;q=0.9

Response headers

server
nginx
date
Thu, 24 Feb 2022 05:46:23 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
expires
Thu, 19 Nov 1981 08:52:00 GMT
cache-control
no-store, no-cache, must-revalidate
pragma
no-cache
strict-transport-security
max-age=31536000
content-encoding
gzip
common.css
www.line293.xyz/static/line/Line/CSS/
396 B
599 B
Stylesheet
General
Full URL
https://www.line293.xyz/static/line/Line/CSS/common.css
Requested by
Host: www.line293.xyz
URL: https://www.line293.xyz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.231.167.206 , Hong Kong, ASN64050 (BCPL-SG BGPNET Global ASN, SG),
Reverse DNS
Software
nginx /
Resource Hash
aec878841749ab41fae5812d57f6ecc4b44570e41b71b77f1e8a65da395f4eb7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
jp-JP,jp;q=0.9
Referer
https://www.line293.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 24 Feb 2022 05:46:23 GMT
last-modified
Mon, 04 Oct 2021 07:42:14 GMT
server
nginx
etag
"615ab056-18c"
strict-transport-security
max-age=31536000
content-type
text/css
cache-control
max-age=43200
accept-ranges
bytes
content-length
396
expires
Thu, 24 Feb 2022 17:46:23 GMT
common.js
www.line293.xyz/static/line/Line/JS/
4 KB
1 KB
Script
General
Full URL
https://www.line293.xyz/static/line/Line/JS/common.js
Requested by
Host: www.line293.xyz
URL: https://www.line293.xyz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.231.167.206 , Hong Kong, ASN64050 (BCPL-SG BGPNET Global ASN, SG),
Reverse DNS
Software
nginx /
Resource Hash
3760ec5b9e86eeaa73b3647ce49647580784b153d4a735c9431ec90149cec6a5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
jp-JP,jp;q=0.9
Referer
https://www.line293.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 24 Feb 2022 05:46:23 GMT
content-encoding
gzip
last-modified
Wed, 06 Oct 2021 14:42:58 GMT
server
nginx
etag
W/"615db5f2-fa6"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=43200
strict-transport-security
max-age=31536000
expires
Thu, 24 Feb 2022 17:46:23 GMT
ajax.js
www.line293.xyz/static/line/Line/JS/
1013 B
1 KB
Script
General
Full URL
https://www.line293.xyz/static/line/Line/JS/ajax.js
Requested by
Host: www.line293.xyz
URL: https://www.line293.xyz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.231.167.206 , Hong Kong, ASN64050 (BCPL-SG BGPNET Global ASN, SG),
Reverse DNS
Software
nginx /
Resource Hash
b6a7031f9a34f1d26bde1c9af93ac324b631f1ca4f30bd496a02c386373cda3d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
jp-JP,jp;q=0.9
Referer
https://www.line293.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 24 Feb 2022 05:46:23 GMT
last-modified
Mon, 04 Oct 2021 07:42:28 GMT
server
nginx
etag
"615ab064-3f5"
strict-transport-security
max-age=31536000
content-type
application/javascript
cache-control
max-age=43200
accept-ranges
bytes
content-length
1013
expires
Thu, 24 Feb 2022 17:46:23 GMT
alert.css
www.line293.xyz/static/line/Line/CSS/
5 KB
1 KB
Stylesheet
General
Full URL
https://www.line293.xyz/static/line/Line/CSS/alert.css
Requested by
Host: www.line293.xyz
URL: https://www.line293.xyz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.231.167.206 , Hong Kong, ASN64050 (BCPL-SG BGPNET Global ASN, SG),
Reverse DNS
Software
nginx /
Resource Hash
b31778c9bd0482837ef6aad52908888f86b499041b287576b7ccd9d3edcfa312
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
jp-JP,jp;q=0.9
Referer
https://www.line293.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 24 Feb 2022 05:46:23 GMT
content-encoding
gzip
last-modified
Mon, 04 Oct 2021 07:42:34 GMT
server
nginx
etag
W/"615ab06a-140a"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=43200
strict-transport-security
max-age=31536000
expires
Thu, 24 Feb 2022 17:46:23 GMT
jquery.min.js
www.line293.xyz/static/line/Line/JS/
91 KB
36 KB
Script
General
Full URL
https://www.line293.xyz/static/line/Line/JS/jquery.min.js
Requested by
Host: www.line293.xyz
URL: https://www.line293.xyz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.231.167.206 , Hong Kong, ASN64050 (BCPL-SG BGPNET Global ASN, SG),
Reverse DNS
Software
nginx /
Resource Hash
c1bcc5f2066e4476e6dbab0b5a9b9700b86f4d6ebeb2900d73ee97e53753d4f9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
jp-JP,jp;q=0.9
Referer
https://www.line293.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 24 Feb 2022 05:46:23 GMT
content-encoding
gzip
last-modified
Mon, 04 Oct 2021 07:42:42 GMT
server
nginx
etag
W/"615ab072-16bb2"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=43200
strict-transport-security
max-age=31536000
expires
Thu, 24 Feb 2022 17:46:23 GMT
alert.js
www.line293.xyz/static/line/Line/JS/
6 KB
2 KB
Script
General
Full URL
https://www.line293.xyz/static/line/Line/JS/alert.js
Requested by
Host: www.line293.xyz
URL: https://www.line293.xyz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.231.167.206 , Hong Kong, ASN64050 (BCPL-SG BGPNET Global ASN, SG),
Reverse DNS
Software
nginx /
Resource Hash
cb2af2c6dae1f3e9848e721807e6d40da02a1ff8b28972deb65eb605b5be7b22
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
jp-JP,jp;q=0.9
Referer
https://www.line293.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 24 Feb 2022 05:46:23 GMT
content-encoding
gzip
last-modified
Mon, 04 Oct 2021 07:42:48 GMT
server
nginx
etag
W/"615ab078-19aa"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=43200
strict-transport-security
max-age=31536000
expires
Thu, 24 Feb 2022 17:46:23 GMT
riicon.png
www.line293.xyz/static/line/Line/image/
11 KB
11 KB
Image
General
Full URL
https://www.line293.xyz/static/line/Line/image/riicon.png
Requested by
Host: www.line293.xyz
URL: https://www.line293.xyz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.231.167.206 , Hong Kong, ASN64050 (BCPL-SG BGPNET Global ASN, SG),
Reverse DNS
Software
nginx /
Resource Hash
98bedf884fd3400f0dbe98be7b3dfedbe60b16d8a39bf320ce9dfbc73999f44b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
jp-JP,jp;q=0.9
Referer
https://www.line293.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 24 Feb 2022 05:46:23 GMT
last-modified
Mon, 04 Oct 2021 07:43:30 GMT
server
nginx
etag
"615ab0a2-2c5d"
strict-transport-security
max-age=31536000
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
content-length
11357
expires
Sat, 26 Mar 2022 05:46:23 GMT
kaishi.png
www.line293.xyz/static/line/Line/image/
2 KB
2 KB
Image
General
Full URL
https://www.line293.xyz/static/line/Line/image/kaishi.png
Requested by
Host: www.line293.xyz
URL: https://www.line293.xyz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.231.167.206 , Hong Kong, ASN64050 (BCPL-SG BGPNET Global ASN, SG),
Reverse DNS
Software
nginx /
Resource Hash
a2661b760e30f7a9cef9e98585be87d46c8e264e1f2c4d69445945f0cbf904fe
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
jp-JP,jp;q=0.9
Referer
https://www.line293.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 24 Feb 2022 05:46:23 GMT
last-modified
Mon, 04 Oct 2021 07:43:38 GMT
server
nginx
etag
"615ab0aa-786"
strict-transport-security
max-age=31536000
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
content-length
1926
expires
Sat, 26 Mar 2022 05:46:23 GMT
6.gif
www.line293.xyz/static/line/Line/image/
8 KB
8 KB
Image
General
Full URL
https://www.line293.xyz/static/line/Line/image/6.gif
Requested by
Host: www.line293.xyz
URL: https://www.line293.xyz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.231.167.206 , Hong Kong, ASN64050 (BCPL-SG BGPNET Global ASN, SG),
Reverse DNS
Software
nginx /
Resource Hash
8004a949a3ff93a7de69857b8ef25ebf3564a942991d014339a125dd94432894
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
jp-JP,jp;q=0.9
Referer
https://www.line293.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 24 Feb 2022 05:46:23 GMT
last-modified
Mon, 04 Oct 2021 07:44:20 GMT
server
nginx
etag
"615ab0d4-1ee9"
strict-transport-security
max-age=31536000
content-type
image/gif
cache-control
max-age=2592000
accept-ranges
bytes
content-length
7913
expires
Sat, 26 Mar 2022 05:46:23 GMT

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Line (Online)

26 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| structuredClone function| openZhezhao function| closeZhezhao function| openMssage function| closeMssage function| toPage function| encodeBianMa function| decodeJieMa function| checkNullLength function| checkNull function| checkLength function| booleToInt function| checkZhenshu function| checkFloat function| onkeypressFloat function| onkeyupFloat function| onblurFloat function| returnPage undefined| xmlHttpRequest function| createXmlHttpRequest function| ajax function| $ function| jQuery function| jqueryAlert function| doLogpage function| gogo

2 Cookies

Domain/Path Name / Value
www.line293.xyz/ Name: think_var
Value: ja-jp
www.line293.xyz/ Name: sfba4deee
Value: bqsbttp67i3ekg56uim8lqv2c7

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000