www.saisonruol.com Open in urlscan Pro
155.94.179.92 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.saisonruol.com/
Submission: On January 21 via api (January 21st 2022, 2:24:55 pm UTC) from JP — Scanned from JP

Summary HTTP 15 Redirects Behaviour Indicators

Summary

This website contacted 3 IPs in 2 countries across 2 domains to perform 15 HTTP transactions. The main IP is 155.94.179.92, located in Los Angeles, United States and belongs to ASN-QUADRANET-GLOBAL, US. The main domain is www.saisonruol.com.
TLS certificate: Issued by R3 on January 21st 2022. Valid for: 3 months.

This is the only time www.saisonruol.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Saison Card (Financial) UC Card (Financial)

Domain & IP information

	IP Address	AS Autonomous System
13	155.94.179.92 155.94.179.92	8100 (ASN-QUADR...) (ASN-QUADRANET-GLOBAL)
1	218.12.76.151 218.12.76.151	4837 (CHINA169-...) (CHINA169-BACKBONE CHINA UNICOM China169 Backbone)
1	183.131.207.66 183.131.207.66	136190 (CHINATELE...) (CHINATELECOM-ZHEJIANG-JINHUA-IDC JINHUA)
15	3

13 155.94.179.92 (Los Angeles, United States)

ASN8100 (ASN-QUADRANET-GLOBAL, US)
PTR: 155.94.179.92.static.quadranet.com

www.saisonruol.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 218.12.76.151 (Baoding, China)

ASN4837 (CHINA169-BACKBONE CHINA UNICOM China169 Backbone, CN)

js.users.51.la	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 183.131.207.66 (China)

ASN136190 (CHINATELECOM-ZHEJIANG-JINHUA-IDC JINHUA, ZHEJIANG Province, P.R.China., CN)

ia.51.la	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
13	saisonruol.com www.saisonruol.com	288 KB
2	51.la js.users.51.la — Cisco Umbrella Rank: 44479 ia.51.la — Cisco Umbrella Rank: 49534	6 KB
15	2

	Domain	Requested by
13	www.saisonruol.com	www.saisonruol.com
1	ia.51.la	www.saisonruol.com
1	js.users.51.la	www.saisonruol.com
15	3

This site contains no links.

Subject Issuer	Validity	Valid
www.saisonruol.com R3	`2022-01-21` - `2022-04-21`	3 months	crt.sh
*.users.51.la GlobalSign GCC R3 DV TLS CA 2020	`2020-08-27` - `2022-04-19`	2 years	crt.sh
*.51.la GlobalSign GCC R3 DV TLS CA 2020	`2020-08-27` - `2022-05-16`	2 years	crt.sh

This page contains 1 frames:

Primary Page: https://www.saisonruol.com/
Frame ID: 5CB75AB85F9066843E17866D8BB0A2FB
Requests: 15 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

SAISON CARD Netアンサー

Page Statistics

15
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

3
Subdomains

3
IPs

2
Countries

294 kB
Transfer

317 kB
Size

3
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

15 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response www.saisonruol.com/	10 KB 3 KB	732ms 242ms	Document text/html	155.94.179.92 ASN-QUADRANET-GLOBAL
General Check archive.org Show headers Download Go to Full URL https://www.saisonruol.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 155.94.179.92 Los Angeles, United States, ASN8100 (ASN-QUADRANET-GLOBAL, US), Reverse DNS 155.94.179.92.static.quadranet.com Software Apache / Resource Hash `3d31581e6848ac89b1524d9e7dfab2fcdfe95aa870a2c1a878811892925f59a1` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 11_0 like Mac OS X) AppleWebKit/604.1.38 (KHTML, like Gecko) Version/11.0 Mobile/15A372 Safari/604.1 Accept-Language jp-JP,jp;q=0.9 Response headers vary Accept-Encoding content-encoding gzip content-length 2769 content-type text/html; charset=utf-8 date Fri, 21 Jan 2022 14:24:49 GMT server Apache
GET H2	200	index.css www.saisonruol.com/static/css/	18 KB 4 KB	111ms 110ms	Stylesheet text/css	155.94.179.92 ASN-QUADRANET-GLOBAL
General Check archive.org Show headers Download Go to Full URL https://www.saisonruol.com/static/css/index.css Requested by Host: www.saisonruol.com URL: https://www.saisonruol.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 155.94.179.92 Los Angeles, United States, ASN8100 (ASN-QUADRANET-GLOBAL, US), Reverse DNS 155.94.179.92.static.quadranet.com Software Apache / Resource Hash `b35649790f19e96b18bf841f6f324d8426c41d2dd75accda0d5f4e0653944028` Request headers Accept-Language jp-JP,jp;q=0.9 Referer https://www.saisonruol.com/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 11_0 like Mac OS X) AppleWebKit/604.1.38 (KHTML, like Gecko) Version/11.0 Mobile/15A372 Safari/604.1 Response headers date Fri, 21 Jan 2022 14:24:49 GMT content-encoding gzip last-modified Tue, 03 Dec 2019 16:48:06 GMT server Apache etag "4724-598cf75d37d80-gzip" vary Accept-Encoding content-type text/css accept-ranges bytes content-length 3964
GET H2	200	layout.css www.saisonruol.com/static/css/	3 KB 883 B	112ms 111ms	Stylesheet text/css	155.94.179.92 ASN-QUADRANET-GLOBAL
General Check archive.org Show headers Download Go to Full URL https://www.saisonruol.com/static/css/layout.css Requested by Host: www.saisonruol.com URL: https://www.saisonruol.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 155.94.179.92 Los Angeles, United States, ASN8100 (ASN-QUADRANET-GLOBAL, US), Reverse DNS 155.94.179.92.static.quadranet.com Software Apache / Resource Hash `766b9361bba45e02ec03d15b3e2ab80e70525570decb1473dfd6ab8ec49506fe` Request headers Accept-Language jp-JP,jp;q=0.9 Referer https://www.saisonruol.com/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 11_0 like Mac OS X) AppleWebKit/604.1.38 (KHTML, like Gecko) Version/11.0 Mobile/15A372 Safari/604.1 Response headers date Fri, 21 Jan 2022 14:24:49 GMT content-encoding gzip last-modified Tue, 03 Dec 2019 16:34:22 GMT server Apache etag "a47-598cf44b63f80-gzip" vary Accept-Encoding content-type text/css accept-ranges bytes content-length 806
GET H2	200	jackIframe.css www.saisonruol.com/static/css/	1 KB 736 B	112ms 112ms	Stylesheet text/css	155.94.179.92 ASN-QUADRANET-GLOBAL
General Check archive.org Show headers Download Go to Full URL https://www.saisonruol.com/static/css/jackIframe.css Requested by Host: www.saisonruol.com URL: https://www.saisonruol.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 155.94.179.92 Los Angeles, United States, ASN8100 (ASN-QUADRANET-GLOBAL, US), Reverse DNS 155.94.179.92.static.quadranet.com Software Apache / Resource Hash `d8a6fc069a03cdcb918160c298a79fbb391662f183645c94360af5308b1918ad` Request headers Accept-Language jp-JP,jp;q=0.9 Referer https://www.saisonruol.com/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 11_0 like Mac OS X) AppleWebKit/604.1.38 (KHTML, like Gecko) Version/11.0 Mobile/15A372 Safari/604.1 Response headers date Fri, 21 Jan 2022 14:24:49 GMT content-encoding gzip last-modified Tue, 03 Dec 2019 17:05:22 GMT server Apache etag "54f-598cfb3939880-gzip" vary Accept-Encoding content-type text/css accept-ranges bytes content-length 659
GET H2	200	icon_saison.jpg www.saisonruol.com/static/images/	7 KB 7 KB	216ms 215ms	Image image/jpeg	155.94.179.92 ASN-QUADRANET-GLOBAL
General Check archive.org Show headers Download Go to Show image Full URL https://www.saisonruol.com/static/images/icon_saison.jpg Requested by Host: www.saisonruol.com URL: https://www.saisonruol.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 155.94.179.92 Los Angeles, United States, ASN8100 (ASN-QUADRANET-GLOBAL, US), Reverse DNS 155.94.179.92.static.quadranet.com Software Apache / Resource Hash `911ce713372a0044fe4b8a292410cdf85f4c0227a4c4e37facd6bc8a6bf2b2da` Request headers Accept-Language jp-JP,jp;q=0.9 Referer https://www.saisonruol.com/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 11_0 like Mac OS X) AppleWebKit/604.1.38 (KHTML, like Gecko) Version/11.0 Mobile/15A372 Safari/604.1 Response headers date Fri, 21 Jan 2022 14:24:49 GMT last-modified Tue, 03 Dec 2019 16:34:22 GMT server Apache accept-ranges bytes etag "1aab-598cf44b63f80" content-length 6827 content-type image/jpeg
GET H2	200	key_ani.gif www.saisonruol.com/static/images/	177 KB 179 KB	216ms 215ms	Image image/gif	155.94.179.92 ASN-QUADRANET-GLOBAL
General Check archive.org Show headers Download Go to Show image Full URL https://www.saisonruol.com/static/images/key_ani.gif Requested by Host: www.saisonruol.com URL: https://www.saisonruol.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 155.94.179.92 Los Angeles, United States, ASN8100 (ASN-QUADRANET-GLOBAL, US), Reverse DNS 155.94.179.92.static.quadranet.com Software Apache / Resource Hash `8fca1ac0be84adf4e4c152bd6db10305f9af5f7761a41a90cd1d55a18b892221` Request headers Accept-Language jp-JP,jp;q=0.9 Referer https://www.saisonruol.com/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 11_0 like Mac OS X) AppleWebKit/604.1.38 (KHTML, like Gecko) Version/11.0 Mobile/15A372 Safari/604.1 Response headers date Fri, 21 Jan 2022 14:24:49 GMT last-modified Tue, 03 Dec 2019 16:34:22 GMT server Apache accept-ranges bytes etag "2c4e6-598cf44b63f80" content-length 181478 content-type image/gif
GET H2	200	190902otukidama_520x230.jpg www.saisonruol.com/static/images/	46 KB 47 KB	216ms 215ms	Image image/jpeg	155.94.179.92 ASN-QUADRANET-GLOBAL
General Check archive.org Show headers Download Go to Show image Full URL https://www.saisonruol.com/static/images/190902otukidama_520x230.jpg Requested by Host: www.saisonruol.com URL: https://www.saisonruol.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 155.94.179.92 Los Angeles, United States, ASN8100 (ASN-QUADRANET-GLOBAL, US), Reverse DNS 155.94.179.92.static.quadranet.com Software Apache / Resource Hash `75973c5ac18ad0d5511bbda1e1e4a804e939ff2871fb3776d2849455cfb2eb9f` Request headers Accept-Language jp-JP,jp;q=0.9 Referer https://www.saisonruol.com/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 11_0 like Mac OS X) AppleWebKit/604.1.38 (KHTML, like Gecko) Version/11.0 Mobile/15A372 Safari/604.1 Response headers date Fri, 21 Jan 2022 14:24:49 GMT last-modified Tue, 03 Dec 2019 17:02:30 GMT server Apache accept-ranges bytes etag "b909-598cfa9531580" content-length 47369 content-type image/jpeg
GET H2	200	window_icon.gif www.saisonruol.com/static/images/	86 B 133 B	216ms 215ms	Image image/gif	155.94.179.92 ASN-QUADRANET-GLOBAL
General Check archive.org Show headers Download Go to Show image Full URL https://www.saisonruol.com/static/images/window_icon.gif Requested by Host: www.saisonruol.com URL: https://www.saisonruol.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 155.94.179.92 Los Angeles, United States, ASN8100 (ASN-QUADRANET-GLOBAL, US), Reverse DNS 155.94.179.92.static.quadranet.com Software Apache / Resource Hash `a348c7a8a94430562064f02f77308e3e8bbaf912420b8cd77ad3956bdfbf7df5` Request headers Accept-Language jp-JP,jp;q=0.9 Referer https://www.saisonruol.com/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 11_0 like Mac OS X) AppleWebKit/604.1.38 (KHTML, like Gecko) Version/11.0 Mobile/15A372 Safari/604.1 Response headers date Fri, 21 Jan 2022 14:24:49 GMT last-modified Tue, 03 Dec 2019 16:34:22 GMT server Apache accept-ranges bytes etag "56-598cf44b63f80" content-length 86 content-type image/gif
GET H2	200	footer_img.png www.saisonruol.com/static/images/	4 KB 4 KB	216ms 215ms	Image image/png	155.94.179.92 ASN-QUADRANET-GLOBAL
General Check archive.org Show headers Download Go to Show image Full URL https://www.saisonruol.com/static/images/footer_img.png Requested by Host: www.saisonruol.com URL: https://www.saisonruol.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 155.94.179.92 Los Angeles, United States, ASN8100 (ASN-QUADRANET-GLOBAL, US), Reverse DNS 155.94.179.92.static.quadranet.com Software Apache / Resource Hash `046dae1710bdf2c2a11b49acadad79bafc11b086ed2d79e3c1647f129a8b8ddd` Request headers Accept-Language jp-JP,jp;q=0.9 Referer https://www.saisonruol.com/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 11_0 like Mac OS X) AppleWebKit/604.1.38 (KHTML, like Gecko) Version/11.0 Mobile/15A372 Safari/604.1 Response headers date Fri, 21 Jan 2022 14:24:49 GMT last-modified Tue, 03 Dec 2019 16:34:22 GMT server Apache accept-ranges bytes etag "e01-598cf44b63f80" content-length 3585 content-type image/png
GET H/1.1	200 OK	21141405.js Show response js.users.51.la/	5 KB 6 KB	505ms 120ms	Script application/javascript	218.12.76.151 CHINA169-BACKBONE...
General Check archive.org Show headers Download Go to Full URL https://js.users.51.la/21141405.js Requested by Host: www.saisonruol.com URL: https://www.saisonruol.com/ Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 218.12.76.151 Baoding, China, ASN4837 (CHINA169-BACKBONE CHINA UNICOM China169 Backbone, CN), Reverse DNS Software openresty / Resource Hash `80efc844c7896eb930fd66d774edb08ff5982c60622a99e6ce553661a8aa929e` Request headers Accept-Language jp-JP,jp;q=0.9 Referer https://www.saisonruol.com/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 11_0 like Mac OS X) AppleWebKit/604.1.38 (KHTML, like Gecko) Version/11.0 Mobile/15A372 Safari/604.1 Response headers nginx-hit 1 Date Fri, 21 Jan 2022 14:24:43 GMT via CHN-HEshijiazhuang-AREACUCC1-CACHE24[10],CHN-HEshijiazhuang-AREACUCC1-CACHE26[0,TCP_HIT,8],CHN-SH-GLOBAL1-CACHE52[4],CHN-SH-GLOBAL1-CACHE109[0,TCP_HIT,3] X-CCDN-CacheTTL 86400 Age 19691452 Content-Disposition inline;filename=f.txt Connection keep-alive request-id 00000179E6D8A96B901618E8A0770804 x-reserved amazon, aws and amazon web services are trademarks or registered trademarks of Amazon Technologies, Inc Content-Length 4898 id-2 32AAAQAAEAABAAAQAAEAABAAAQAAEAABCSkYeHdCQjtsWSbfYDgldDUKTM8brEpj Last-Modified Mon Jun 07 22:20:28 CST 2021 Server openresty ETag "31f76067735d89a71e4470cac8759c57" Content-Type application/javascript;charset=UTF-8 version-id G0011179E6D8A589FFFF90152AD43166 Accept-Ranges bytes x-hcs-proxy-type 1
GET H2	200	base.css www.saisonruol.com/static/css/	5 KB 2 KB	328ms 327ms	Stylesheet text/css	155.94.179.92 ASN-QUADRANET-GLOBAL
General Check archive.org Show headers Download Go to Full URL https://www.saisonruol.com/static/css/base.css Requested by Host: www.saisonruol.com URL: https://www.saisonruol.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 155.94.179.92 Los Angeles, United States, ASN8100 (ASN-QUADRANET-GLOBAL, US), Reverse DNS 155.94.179.92.static.quadranet.com Software Apache / Resource Hash `91c0c077d5086ad616a7ade895807e9193aa4cdb423098b47e6cd2be92d9f6d4` Request headers Accept-Language jp-JP,jp;q=0.9 Referer https://www.saisonruol.com/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 11_0 like Mac OS X) AppleWebKit/604.1.38 (KHTML, like Gecko) Version/11.0 Mobile/15A372 Safari/604.1 Response headers date Fri, 21 Jan 2022 14:24:49 GMT content-encoding gzip last-modified Tue, 03 Dec 2019 17:17:24 GMT server Apache etag "1351-598cfde9c7100-gzip" vary Accept-Encoding content-type text/css accept-ranges bytes content-length 1637
GET H2	200	ie8_btnBG2.png www.saisonruol.com/static/images/	3 KB 3 KB	294ms 293ms	Image image/png	155.94.179.92 ASN-QUADRANET-GLOBAL
General Check archive.org Show headers Download Go to Show image Full URL https://www.saisonruol.com/static/images/ie8_btnBG2.png Requested by Host: www.saisonruol.com URL: https://www.saisonruol.com/static/css/index.css Protocol H2 Security TLS 1.3, , AES_256_GCM Server 155.94.179.92 Los Angeles, United States, ASN8100 (ASN-QUADRANET-GLOBAL, US), Reverse DNS 155.94.179.92.static.quadranet.com Software Apache / Resource Hash `1ed19ea7ee0a908c19890a25bf56f01efe45d145f87e8f7f6964a79b8bbcec0b` Request headers Accept-Language jp-JP,jp;q=0.9 Referer https://www.saisonruol.com/static/css/index.css User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 11_0 like Mac OS X) AppleWebKit/604.1.38 (KHTML, like Gecko) Version/11.0 Mobile/15A372 Safari/604.1 Response headers date Fri, 21 Jan 2022 14:24:49 GMT last-modified Tue, 03 Dec 2019 16:48:24 GMT server Apache accept-ranges bytes etag "a2f-598cf76e62600" content-length 2607 content-type image/png
GET H2	404	ie8_btnBG.png www.saisonruol.com/static/images/	40 KB 40 KB	294ms 294ms	Image text/html	155.94.179.92 ASN-QUADRANET-GLOBAL
General Check archive.org Show headers Download Go to Show image Full URL https://www.saisonruol.com/static/images/ie8_btnBG.png Requested by Host: www.saisonruol.com URL: https://www.saisonruol.com/static/css/index.css Protocol H2 Security TLS 1.3, , AES_256_GCM Server 155.94.179.92 Los Angeles, United States, ASN8100 (ASN-QUADRANET-GLOBAL, US), Reverse DNS 155.94.179.92.static.quadranet.com Software Apache / Resource Hash `c3a3bb3c798a2f458710c68b961ea0a25e63e5cf38dbb3f721feaa46fff901c2` Request headers Accept-Language jp-JP,jp;q=0.9 Referer https://www.saisonruol.com/static/css/index.css User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 11_0 like Mac OS X) AppleWebKit/604.1.38 (KHTML, like Gecko) Version/11.0 Mobile/15A372 Safari/604.1 Response headers date Fri, 21 Jan 2022 14:24:49 GMT content-encoding gzip server Apache content-length 5362 vary Accept-Encoding content-type text/html; charset=utf-8
GET H2	200	h3.gif www.saisonruol.com/static/images/	120 B 189 B	292ms 292ms	Image image/gif	155.94.179.92 ASN-QUADRANET-GLOBAL
General Check archive.org Show headers Download Go to Show image Full URL https://www.saisonruol.com/static/images/h3.gif Requested by Host: www.saisonruol.com URL: https://www.saisonruol.com/static/css/jackIframe.css Protocol H2 Security TLS 1.3, , AES_256_GCM Server 155.94.179.92 Los Angeles, United States, ASN8100 (ASN-QUADRANET-GLOBAL, US), Reverse DNS 155.94.179.92.static.quadranet.com Software Apache / Resource Hash `6dbfe2e8a966ff6518e842a34478a784dec9c08f2062692ae2e68ad9683c8631` Request headers Accept-Language jp-JP,jp;q=0.9 Referer https://www.saisonruol.com/static/css/jackIframe.css User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 11_0 like Mac OS X) AppleWebKit/604.1.38 (KHTML, like Gecko) Version/11.0 Mobile/15A372 Safari/604.1 Response headers date Fri, 21 Jan 2022 14:24:49 GMT last-modified Tue, 03 Dec 2019 16:59:50 GMT server Apache accept-ranges bytes etag "78-598cf9fc9ad80" content-length 120 content-type image/gif
GET H/1.1	200	go1 ia.51.la/	0 215 B	1450ms 609ms	Image text/plain	183.131.207.66 CHINATELECOM-ZHEJ...
General Check archive.org Show headers Download Go to Show image Full URL https://ia.51.la/go1?id=21141405&rt=1642775083852&rl=16001200&lang=en-US&ct=unknow&pf=1&ins=1&vd=1&ce=1&cd=24&ds=&ing=1&ekc=&sid=1642775083852&tt=SAISON%2520CARD%2520Net%25E3%2582%25A2%25E3%2583%25B3%25E3%2582%25B5%25E3%2583%25BC&kw=&cu=https%253A%252F%252Fwww.saisonruol.com%252F&pu= Requested by* Host: www.saisonruol.com URL: https://www.saisonruol.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305 Server 183.131.207.66 , China, ASN136190 (CHINATELECOM-ZHEJIANG-JINHUA-IDC JINHUA, ZHEJIANG Province, P.R.China., CN), Reverse DNS Software CloudWAF / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers Accept-Language jp-JP,jp;q=0.9 Referer https://www.saisonruol.com/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 11_0 like Mac OS X) AppleWebKit/604.1.38 (KHTML, like Gecko) Version/11.0 Mobile/15A372 Safari/604.1 Response headers Date Fri, 21 Jan 2022 14:24:45 GMT Server CloudWAF Connection keep-alive Content-Length 0

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Saison Card (Financial) UC Card (Financial)

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| checkForm

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.saisonruol.com/	1969-12-31 23:59:59	Name: __tins__21141405 Value: %7B%22sid%22%3A%201642775083852%2C%20%22vd%22%3A%201%2C%20%22expires%22%3A%201642776883852%7D
www.saisonruol.com/	1969-12-31 23:59:59	Name: __51cke__ Value:
www.saisonruol.com/	1969-12-31 23:59:59	Name: __51laig__ Value: 1

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://www.saisonruol.com/static/images/ie8_btnBG.png Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ia.51.la
js.users.51.la
www.saisonruol.com
155.94.179.92
183.131.207.66
218.12.76.151
046dae1710bdf2c2a11b49acadad79bafc11b086ed2d79e3c1647f129a8b8ddd
1ed19ea7ee0a908c19890a25bf56f01efe45d145f87e8f7f6964a79b8bbcec0b
3d31581e6848ac89b1524d9e7dfab2fcdfe95aa870a2c1a878811892925f59a1
6dbfe2e8a966ff6518e842a34478a784dec9c08f2062692ae2e68ad9683c8631
75973c5ac18ad0d5511bbda1e1e4a804e939ff2871fb3776d2849455cfb2eb9f
766b9361bba45e02ec03d15b3e2ab80e70525570decb1473dfd6ab8ec49506fe
80efc844c7896eb930fd66d774edb08ff5982c60622a99e6ce553661a8aa929e
8fca1ac0be84adf4e4c152bd6db10305f9af5f7761a41a90cd1d55a18b892221
911ce713372a0044fe4b8a292410cdf85f4c0227a4c4e37facd6bc8a6bf2b2da
91c0c077d5086ad616a7ade895807e9193aa4cdb423098b47e6cd2be92d9f6d4
a348c7a8a94430562064f02f77308e3e8bbaf912420b8cd77ad3956bdfbf7df5
b35649790f19e96b18bf841f6f324d8426c41d2dd75accda0d5f4e0653944028
c3a3bb3c798a2f458710c68b961ea0a25e63e5cf38dbb3f721feaa46fff901c2
d8a6fc069a03cdcb918160c298a79fbb391662f183645c94360af5308b1918ad
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

www.saisonruol.com Open in urlscan Pro 155.94.179.92 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page Statistics

15 Requests

100 %HTTPS

0 %IPv6

2 Domains

3 Subdomains

3 IPs

2 Countries

294 kBTransfer

317 kBSize

3 Cookies

0 Outgoing links

Redirected requests

15 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

1 JavaScript Global Variables

3 Cookies

1 Console Messages

Indicators

www.saisonruol.com Open in urlscan Pro
155.94.179.92 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

15
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

3
Subdomains

3
IPs

2
Countries

294 kB
Transfer

317 kB
Size

3
Cookies

15 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!