secure.ne.jp.owaexchange.top
Open in
urlscan Pro
70.34.218.222
Public Scan
Effective URL: https://secure.ne.jp.owaexchange.top/auth.php?e=&STNmelpNTkc0a3BBUUc1cGJteG49Jk9lTHphZlhkUmJ6REk3dHVSUkxTPVpaMWtTUW5GY3R3ZGFyRTdoTzVB...
Submission: On November 21 via manual from JP — Scanned from JP
Summary
TLS certificate: Issued by R3 on November 17th 2023. Valid for: 3 months.
This is the only time secure.ne.jp.owaexchange.top was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 | 2001:bc8:10::8 2001:bc8:10::8 | 12876 (Online SAS) (Online SAS) | |
1 10 | 70.34.218.222 70.34.218.222 | 20473 (AS-CHOOPA) (AS-CHOOPA) | |
10 | 2 |
ASN20473 (AS-CHOOPA, US)
PTR: 70.34.218.222.vultrusercontent.com
secure.ne.jp.owaexchange.top |
Apex Domain Subdomains |
Transfer | |
---|---|---|
10 |
owaexchange.top
1 redirects
secure.ne.jp.owaexchange.top |
539 KB |
1 |
scw.cloud
s3.fr-par.scw.cloud |
910 B |
10 | 2 |
Domain | Requested by | |
---|---|---|
10 | secure.ne.jp.owaexchange.top |
1 redirects
s3.fr-par.scw.cloud
secure.ne.jp.owaexchange.top |
1 | s3.fr-par.scw.cloud | |
10 | 2 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
s3.fr-par.scw.cloud R3 |
2023-11-14 - 2024-02-12 |
3 months | crt.sh |
secure.ne.jp.owaexchange.top R3 |
2023-11-17 - 2024-02-15 |
3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://secure.ne.jp.owaexchange.top/auth.php?e=&STNmelpNTkc0a3BBUUc1cGJteG49Jk9lTHphZlhkUmJ6REk3dHVSUkxTPVpaMWtTUW5GY3R3ZGFyRTdoTzVBJmF3aFR6RXVGcHZyZGtRdXpXR3h2PVJVWHNiY1R1Z0pMQ2xzSmVrYm85
Frame ID: 09A40A56E967FC51D1799CAAC62547EC
Requests: 10 HTTP requests in this frame
Screenshot
Page Title
Page URL History Show full URLs
- https://s3.fr-par.scw.cloud/gqoytgddop/3ab7ccb692.html Page URL
-
https://secure.ne.jp.owaexchange.top/?email=
HTTP 302
https://secure.ne.jp.owaexchange.top/auth.php?e=&STNmelpNTkc0a3BBUUc1cGJteG49Jk9lTHphZlhkUmJ6REk3dHVSUkxTPVpaMWtT... Page URL
Detected technologies
PHP (Programming Languages) ExpandDetected patterns
- \.php(?:$|\?)
jQuery (JavaScript Libraries) Expand
Detected patterns
- jquery[.-]([\d.]*\d)[^/]*\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- https://s3.fr-par.scw.cloud/gqoytgddop/3ab7ccb692.html Page URL
-
https://secure.ne.jp.owaexchange.top/?email=
HTTP 302
https://secure.ne.jp.owaexchange.top/auth.php?e=&STNmelpNTkc0a3BBUUc1cGJteG49Jk9lTHphZlhkUmJ6REk3dHVSUkxTPVpaMWtTUW5GY3R3ZGFyRTdoTzVBJmF3aFR6RXVGcHZyZGtRdXpXR3h2PVJVWHNiY1R1Z0pMQ2xzSmVrYm85 Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
10 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
3ab7ccb692.html
s3.fr-par.scw.cloud/gqoytgddop/ |
634 B 910 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Primary Request
auth.php
secure.ne.jp.owaexchange.top/ Redirect Chain
|
7 KB 2 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
style.css
secure.ne.jp.owaexchange.top/ |
4 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery-2.2.js
secure.ne.jp.owaexchange.top/ |
262 KB 76 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
profile.jpg
secure.ne.jp.owaexchange.top/images/ |
9 KB 9 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
mail.png
secure.ne.jp.owaexchange.top/images/ |
2 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
barcode.jpg
secure.ne.jp.owaexchange.top/images/ |
11 KB 12 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
disk_space.jpg
secure.ne.jp.owaexchange.top/images/ |
8 KB 9 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
footer.jpg
secure.ne.jp.owaexchange.top/images/ |
8 KB 8 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
phones5.png
secure.ne.jp.owaexchange.top/images/ |
420 KB 420 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
3 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| documentPictureInPicture function| $ function| jQuery1 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
secure.ne.jp.owaexchange.top/ | Name: PHPSESSID Value: fe5jpvualnjnhpf32ajl0t6dnk |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
s3.fr-par.scw.cloud
secure.ne.jp.owaexchange.top
2001:bc8:10::8
70.34.218.222
2672d6d8afa87a00539e692baceea77c6463149b165df45424dff72f9abbcfd4
3093afe9ec59bb8dbef6ebff0dbab902ec4071e5e15deebe7d6c32f5228ebb20
4df7ccc91c84d568b97d5c99cf38ad1dec5635d7b91f5c8d096c0491ecfe7557
8389621efa6070631e86ae8fa5cf4d1848b3f6963e059a3522e67ecabeac004a
9a83502c410d418d8f08431e07be24a78d5c79d0cf98aeab81faedd8c3e8327b
9bceccc9c33552f45299afb479644ea43c09bd62c3fe5d88c0a694484fe7f0ec
a5e9593f8baab1fb5a6882ed6aa06f8e57cc85aaa3cf6aad0bfb87e239641d1a
cb583d9115ad90089f87a1eb9e5e1a09ff068a7f56a8e06af702c2cb4db4de69
d41ff10e298bff537ee2b39a3f3aaa3bd1ae99afeb12f5281c2d3ef84c16b982
fde96015383bae214e267b59473aa597cc39e190fc4d74cc3666ea2542d94087