sofrito-music.com Open in urlscan Pro
124.156.198.80 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://sofrito-music.com/imikazu/
Submission: On December 28 via manual (December 28th 2024, 12:11:18 pm UTC) from JP — Scanned from JP

Summary HTTP 9 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 1 IPs in 1 countries across 1 domains to perform 9 HTTP transactions. The main IP is 124.156.198.80, located in Singapore, Singapore and belongs to TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN. The main domain is sofrito-music.com.
TLS certificate: Issued by E5 on December 27th 2024. Valid for: 3 months.

This is the only time sofrito-music.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Bank of Yokohama (banking)

Domain & IP information

	IP Address		AS Autonomous System
9	124.156.198.80 124.156.198.80		132203 (TENCENT-N...) (TENCENT-NET-AP-CN Tencent Building)
9	1

9 124.156.198.80 (Singapore, Singapore)

ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN)

sofrito-music.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
9	sofrito-music.com sofrito-music.com	104 KB
9	1

	Domain	Requested by
9	sofrito-music.com	sofrito-music.com
9	1

This site contains links to these domains. Also see Links.

Domain
www.parasol.anser.ne.jp

Subject Issuer	Validity	Valid
sofrito-music.com E5	`2024-12-27` - `2025-03-27`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://sofrito-music.com/imikazu/
Frame ID: BBA2614E6EAC4A171D4BE3F75AC2B98D
Requests: 9 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

横浜銀行はまぎん365（サンロクゴ）｜横浜銀行

Detected technologies

Vue.js (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

<[^>]+\sdata-v(?:ue)?-

Page Statistics

9
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

104 kB
Transfer

267 kB
Size

1
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://www.parasol.anser.ne.jp/ib/index.do?PT=IM&CCT0080=0138&format=01&OMIVisitorId=241218020670267
Title: ログインパスワードがわからない方

Search URL Search Domain Scan URL

URL: https://www.parasol.anser.ne.jp/ib/index.do?PT=IM&CCT0080=0138&format=03&OMISessionId=335ae6bd-bce2-4b92-9aaf-c6bb58782488&OMIVisitorId=200217169313418&OMIVisitorId=241218020670267
Title: 秘密の質問がわからない方

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

9 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request / Show response sofrito-music.com/imikazu/	478 B 588 B	544ms 210ms	Document text/html	124.156.198.80 TENCENT-NET-AP-CN...
General Check archive.org Show headers Download Go to Full URL https://sofrito-music.com/imikazu/ Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 124.156.198.80 Singapore, Singapore, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN), Reverse DNS Software nginx/1.26.2 / Resource Hash `37fd686165a5128c16a0dcda22fccf88d0beb5aeae2efe6034857ce8dc0ea6f0` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_6 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) CriOS/128.0.6613.92 Mobile/15E148 Safari/604.1 Response headers Connection keep-alive Content-Encoding gzip Content-Type text/html Date Sat, 28 Dec 2024 12:10:48 GMT ETag W/"676d6cfe-1de" Last-Modified Thu, 26 Dec 2024 14:49:34 GMT Server nginx/1.26.2 Transfer-Encoding chunked Vary Accept-Encoding
GET H/1.1	200 OK	index-DSf9FcLH.js Show response sofrito-music.com/imikazu/assets/	190 KB 71 KB	214ms 212ms	Script application/javascript	124.156.198.80 TENCENT-NET-AP-CN...
General Check archive.org Show headers Download Go to Full URL https://sofrito-music.com/imikazu/assets/index-DSf9FcLH.js Requested by Host: sofrito-music.com URL: https://sofrito-music.com/imikazu/ Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 124.156.198.80 Singapore, Singapore, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN), Reverse DNS Software nginx/1.26.2 / Resource Hash `433e5438e8195a402853ef5b217d48a70dfbfb8e4b119013cbfb7ee4204311ca` Request headers User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_6 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) CriOS/128.0.6613.92 Mobile/15E148 Safari/604.1 Origin https://sofrito-music.com Referer https://sofrito-music.com/imikazu/ Response headers Transfer-Encoding chunked Cache-Control max-age=2592000, public, max-age=2592000 Content-Encoding gzip ETag W/"676d6cfe-2f82d" Connection keep-alive Expires Mon, 27 Jan 2025 12:10:48 GMT Date Sat, 28 Dec 2024 12:10:48 GMT Content-Type application/javascript Last-Modified Thu, 26 Dec 2024 14:49:34 GMT Server nginx/1.26.2 Vary Accept-Encoding
GET H/1.1	200 OK	index-D1XlPkD_.css sofrito-music.com/imikazu/assets/	56 KB 10 KB	393ms 136ms	Stylesheet text/css	124.156.198.80 TENCENT-NET-AP-CN...
General Check archive.org Show headers Download Go to Full URL https://sofrito-music.com/imikazu/assets/index-D1XlPkD_.css Requested by Host: sofrito-music.com URL: https://sofrito-music.com/imikazu/ Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 124.156.198.80 Singapore, Singapore, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN), Reverse DNS Software nginx/1.26.2 / Resource Hash `b079a016f7bda50c278ac30445e0bc0aa3b0b79058cd63e6243ff6c6dae7d606` Request headers User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_6 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) CriOS/128.0.6613.92 Mobile/15E148 Safari/604.1 Origin https://sofrito-music.com Referer https://sofrito-music.com/imikazu/ Response headers Transfer-Encoding chunked Cache-Control max-age=2592000, public, max-age=2592000 Content-Encoding gzip ETag W/"676d6cfe-e0f7" Connection keep-alive Expires Mon, 27 Jan 2025 12:10:48 GMT Date Sat, 28 Dec 2024 12:10:48 GMT Content-Type text/css Last-Modified Thu, 26 Dec 2024 14:49:34 GMT Server nginx/1.26.2 Vary Accept-Encoding
POST H/1.1	200 OK	createOrGetUserInfo Show response sofrito-music.com/open/visitors/info/	259 B 605 B	293ms 292ms	XHR application/json	124.156.198.80 TENCENT-NET-AP-CN...
General Check archive.org Show headers Download Go to Full URL https://sofrito-music.com/open/visitors/info/createOrGetUserInfo Requested by Host: sofrito-music.com URL: https://sofrito-music.com/imikazu/assets/index-DSf9FcLH.js Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 124.156.198.80 Singapore, Singapore, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN), Reverse DNS Software nginx/1.26.2 / Resource Hash `7e08865ce0a288a3c652ce8a17d3cee41e82043c2faec866606dd6bfa031ede1` Request headers Referer https://sofrito-music.com/imikazu/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_6 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) CriOS/128.0.6613.92 Mobile/15E148 Safari/604.1 Accept application/json, text/plain, / Content-Type application/json Response headers Transfer-Encoding chunked Content-Encoding gzip Connection keep-alive Access-Control-Allow-Origin https://sofrito-music.com Date Sat, 28 Dec 2024 12:10:49 GMT Content-Type application/json; charset=utf-8 Vary Accept-Encoding, Origin Server nginx/1.26.2
GET H/1.1	200 OK	favicon.png sofrito-music.com/imikazu/	1 KB 2 KB	117ms 117ms	Other image/png	124.156.198.80 TENCENT-NET-AP-CN...
General Check archive.org Show headers Download Go to Full URL https://sofrito-music.com/imikazu/favicon.png Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 124.156.198.80 Singapore, Singapore, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN), Reverse DNS Software nginx/1.26.2 / Resource Hash `983ce31d2d807b41068af2f67c02309c34f26cdd5eb595973589211b339ce8bd` Request headers User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_6 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) CriOS/128.0.6613.92 Mobile/15E148 Safari/604.1 Referer https://sofrito-music.com/imikazu/ Response headers Cache-Control max-age=2592000, public, max-age=2592000 ETag "676af7e6-55e" Connection keep-alive Expires Mon, 27 Jan 2025 12:10:48 GMT Accept-Ranges bytes Content-Length 1374 Date Sat, 28 Dec 2024 12:10:48 GMT Content-Type image/png Last-Modified Tue, 24 Dec 2024 18:05:26 GMT Server nginx/1.26.2
GET H/1.1	200 OK	getState Show response sofrito-music.com/open/visitors/info/	59 B 415 B	131ms 130ms	XHR application/json	124.156.198.80 TENCENT-NET-AP-CN...
General Check archive.org Show headers Download Go to Full URL https://sofrito-music.com/open/visitors/info/getState?uuid=f7010de0-e99f-4819-ac94-d98c95cac531 Requested by Host: sofrito-music.com URL: https://sofrito-music.com/imikazu/assets/index-DSf9FcLH.js Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 124.156.198.80 Singapore, Singapore, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN), Reverse DNS Software nginx/1.26.2 / Resource Hash `8eb434031c800898502e49fa1b85131f3ab143b27d0cfceff7c7f05026f5a823` Request headers User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_6 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) CriOS/128.0.6613.92 Mobile/15E148 Safari/604.1 Accept application/json, text/plain, / Referer https://sofrito-music.com/imikazu/ Response headers Transfer-Encoding chunked Content-Encoding gzip Date Sat, 28 Dec 2024 12:10:49 GMT Content-Type application/json; charset=utf-8 Vary Accept-Encoding, Origin Server nginx/1.26.2 Connection keep-alive
GET H/1.1	200 OK	logo_main_01.svg sofrito-music.com/imikazu/	4 KB 4 KB	126ms 124ms	Image image/svg+xml	124.156.198.80 TENCENT-NET-AP-CN...
General Check archive.org Show headers Download Go to Show image Full URL https://sofrito-music.com/imikazu/logo_main_01.svg Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 124.156.198.80 Singapore, Singapore, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN), Reverse DNS Software nginx/1.26.2 / Resource Hash `9b07d6d7935cc67643273665bdc05bbc502b28b12826e6dff6854a146b48fffe` Request headers User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_6 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) CriOS/128.0.6613.92 Mobile/15E148 Safari/604.1 Referer https://sofrito-music.com/imikazu/ Response headers Cache-Control max-age=2592000, public, max-age=2592000 ETag "676afbfe-e82" Connection keep-alive Expires Mon, 27 Jan 2025 12:10:49 GMT Accept-Ranges bytes Content-Length 3714 Date Sat, 28 Dec 2024 12:10:49 GMT Content-Type image/svg+xml Last-Modified Tue, 24 Dec 2024 18:22:54 GMT Server nginx/1.26.2
GET H/1.1	200 OK	logo_main_02.svg sofrito-music.com/imikazu/	15 KB 15 KB	121ms 120ms	Image image/svg+xml	124.156.198.80 TENCENT-NET-AP-CN...
General Check archive.org Show headers Download Go to Show image Full URL https://sofrito-music.com/imikazu/logo_main_02.svg Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 124.156.198.80 Singapore, Singapore, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN), Reverse DNS Software nginx/1.26.2 / Resource Hash `088457b86e9a674349dbe7b2a45a8c38f37817a4e58c1acf34d81784e080b7a3` Request headers User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_6 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) CriOS/128.0.6613.92 Mobile/15E148 Safari/604.1 Referer https://sofrito-music.com/imikazu/ Response headers Cache-Control max-age=2592000, public, max-age=2592000 ETag "676afc06-3abc" Connection keep-alive Expires Mon, 27 Jan 2025 12:10:49 GMT Accept-Ranges bytes Content-Length 15036 Date Sat, 28 Dec 2024 12:10:49 GMT Content-Type image/svg+xml Last-Modified Tue, 24 Dec 2024 18:23:02 GMT Server nginx/1.26.2
GET H/1.1	200 OK	icon_blank_02.svg sofrito-music.com/imikazu/	236 B 589 B	243ms 120ms	Image image/svg+xml	124.156.198.80 TENCENT-NET-AP-CN...
General Check archive.org Show headers Download Go to Show image Full URL https://sofrito-music.com/imikazu/icon_blank_02.svg Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 124.156.198.80 Singapore, Singapore, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN), Reverse DNS Software nginx/1.26.2 / Resource Hash `d3f63cd23bfe81b6b1225f2f3572c0f5f01b0b58b27430a7374f627a466b7e8e` Request headers User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_6 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) CriOS/128.0.6613.92 Mobile/15E148 Safari/604.1 Referer https://sofrito-music.com/imikazu/ Response headers Cache-Control max-age=2592000, public, max-age=2592000 ETag "676afc8c-ec" Connection keep-alive Expires Mon, 27 Jan 2025 12:10:50 GMT Accept-Ranges bytes Content-Length 236 Date Sat, 28 Dec 2024 12:10:50 GMT Content-Type image/svg+xml Last-Modified Tue, 24 Dec 2024 18:25:16 GMT Server nginx/1.26.2

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Bank of Yokohama (banking)

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| __VUE_INSTANCE_SETTERS__ object| __VUE_SSR_SETTERS__ boolean| __VUE__

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			sofrito-music.com/	1970-01-21 10:49:05	Name: locale Value: en-us

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

sofrito-music.com
124.156.198.80
088457b86e9a674349dbe7b2a45a8c38f37817a4e58c1acf34d81784e080b7a3
37fd686165a5128c16a0dcda22fccf88d0beb5aeae2efe6034857ce8dc0ea6f0
433e5438e8195a402853ef5b217d48a70dfbfb8e4b119013cbfb7ee4204311ca
7e08865ce0a288a3c652ce8a17d3cee41e82043c2faec866606dd6bfa031ede1
8eb434031c800898502e49fa1b85131f3ab143b27d0cfceff7c7f05026f5a823
983ce31d2d807b41068af2f67c02309c34f26cdd5eb595973589211b339ce8bd
9b07d6d7935cc67643273665bdc05bbc502b28b12826e6dff6854a146b48fffe
b079a016f7bda50c278ac30445e0bc0aa3b0b79058cd63e6243ff6c6dae7d606
d3f63cd23bfe81b6b1225f2f3572c0f5f01b0b58b27430a7374f627a466b7e8e

sofrito-music.com Open in urlscan Pro 124.156.198.80 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

9 Requests

100 %HTTPS

0 %IPv6

1 Domains

1 Subdomains

1 IPs

1 Countries

104 kBTransfer

267 kBSize

1 Cookies

2 Outgoing links

Redirected requests

9 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

3 JavaScript Global Variables

1 Cookies

Indicators

sofrito-music.com Open in urlscan Pro
124.156.198.80 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

9
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

104 kB
Transfer

267 kB
Size

1
Cookies

9 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!