saison.mffgdc.com Open in urlscan Pro
107.173.255.12 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://saison.mffgdc.com/
Submission Tags: 7509061
Submission: On May 07 via api (May 7th 2022, 12:38:18 am UTC) from US — Scanned from JP

Summary HTTP 16 Redirects Links 6 Behaviour Indicators

Summary

This website contacted 4 IPs in 3 countries across 3 domains to perform 16 HTTP transactions. The main IP is 107.173.255.12, located in Los Angeles, United States and belongs to AS-COLOCROSSING, US. The main domain is saison.mffgdc.com.
TLS certificate: Issued by ZeroSSL RSA Domain Secure Site CA on May 6th 2022. Valid for: 3 months.

This is the only time saison.mffgdc.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Saison Card (Financial) UC Card (Financial)

Domain & IP information

	IP Address	AS Autonomous System
13	107.173.255.12 107.173.255.12	36352 (AS-COLOCR...) (AS-COLOCROSSING)
1	210.151.8.173 210.151.8.173	4725 (ODN SoftB...) (ODN SoftBank Corp.)
1	14.17.102.110 14.17.102.110	4134 (CHINANET-...) (CHINANET-BACKBONE No.31)
1	183.131.207.66 183.131.207.66	136190 (CHINATELE...) (CHINATELECOM-ZHEJIANG-JINHUA-IDC JINHUA)
16	4

13 107.173.255.12 (Los Angeles, United States)

ASN36352 (AS-COLOCROSSING, US)
PTR: 107-173-255-12-host.colocrossing.com

saison.mffgdc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 210.151.8.173 (Japan)

ASN4725 (ODN SoftBank Corp., JP)

api.saisoncard.co.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 14.17.102.110 (Shenzhen, China)

ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN)

js.users.51.la	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 183.131.207.66 (China)

ASN136190 (CHINATELECOM-ZHEJIANG-JINHUA-IDC JINHUA, ZHEJIANG Province, P.R.China., CN)

ia.51.la	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
13	mffgdc.com saison.mffgdc.com	256 KB
2	51.la js.users.51.la — Cisco Umbrella Rank: 39482 ia.51.la — Cisco Umbrella Rank: 36541	3 KB
1	saisoncard.co.jp api.saisoncard.co.jp	302 B
16	3

	Domain	Requested by
13	saison.mffgdc.com	saison.mffgdc.com
1	ia.51.la	saison.mffgdc.com
1	js.users.51.la	saison.mffgdc.com
1	api.saisoncard.co.jp	saison.mffgdc.com
16	4

This site contains links to these domains. Also see Links.

Domain
www.saisoncard.co.jp
netanswerplus.saisoncard.co.jp
api.saisoncard.co.jp

Subject Issuer	Validity	Valid
saison.hhflij.com ZeroSSL RSA Domain Secure Site CA	`2022-05-06` - `2022-08-04`	3 months	crt.sh
api.saisoncard.co.jp Cybertrust Japan SureServer EV CA G3	`2021-12-02` - `2022-12-31`	a year	crt.sh
*.users.51.la GlobalSign GCC R3 DV TLS CA 2020	`2022-03-29` - `2023-04-30`	a year	crt.sh
*.51.la GlobalSign GCC R3 DV TLS CA 2020	`2022-04-19` - `2023-05-21`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://saison.mffgdc.com/
Frame ID: CBCEE571FE873BC4B29E4083BEF31F14
Requests: 16 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

SAISON CARD Netアンサー

Page Statistics

16
Requests

100 %
HTTPS

0 %
IPv6

3
Domains

4
Subdomains

4
IPs

3
Countries

259 kB
Transfer

288 kB
Size

3
Cookies

6 Outgoing links

These are links going to different origins than the main page.

URL: https://www.saisoncard.co.jp/news/pop/20191125android.html
Title: AndroidでNetアンサーをご利用中にエラーが発生する事象について

Search URL Search Domain Scan URL

URL: http://www.saisoncard.co.jp/netanswer/openid/index.html
Title: Yahoo! JAPAN IDログインサービス終了について

Search URL Search Domain Scan URL

URL: https://netanswerplus.saisoncard.co.jp/WebPc/pages/images/person/SP_fishing/?20140611
Title: ログイン後に「カード番号」「暗証番号」などを入力させる画面にご注意ください

Search URL Search Domain Scan URL

URL: http://www.saisoncard.co.jp/news/pop/nc20131226_phishing.html
Title: Netアンサーを装ったサイトにご注意ください

Search URL Search Domain Scan URL

URL: https://netanswerplus.saisoncard.co.jp/WebPc/pages/images/person/SP_authentication/?20140611
Title: セキュリティ強化施策について

Search URL Search Domain Scan URL

URL: https://api.saisoncard.co.jp/html/kiyaku_netanswer_contents.html
Title: 情報連携ご利用に関する注意事項及び永久不滅ウォレット規約

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

16 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response saison.mffgdc.com/	13 KB 3 KB	1229ms 1000ms	Document text/html	107.173.255.12 AS-COLOCROSSING
General Check archive.org Show headers Download Go to Full URL https://saison.mffgdc.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 107.173.255.12 Los Angeles, United States, ASN36352 (AS-COLOCROSSING, US), Reverse DNS 107-173-255-12-host.colocrossing.com Software Apache / Resource Hash `c84c29fd5b0efe5457733b16e143409c0c7000efe96c78b2e0766d79680c7a77` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 accept-language jp-JP,jp;q=0.9 Response headers content-encoding gzip content-length 3334 content-type text/html; charset=utf-8 date Sat, 07 May 2022 00:38:11 GMT server Apache vary Accept-Encoding
GET H2	200	index.css saison.mffgdc.com/static/css/	18 KB 4 KB	106ms 105ms	Stylesheet text/css	107.173.255.12 AS-COLOCROSSING
General Check archive.org Show headers Download Go to Full URL https://saison.mffgdc.com/static/css/index.css Requested by Host: saison.mffgdc.com URL: https://saison.mffgdc.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 107.173.255.12 Los Angeles, United States, ASN36352 (AS-COLOCROSSING, US), Reverse DNS 107-173-255-12-host.colocrossing.com Software Apache / Resource Hash `b35649790f19e96b18bf841f6f324d8426c41d2dd75accda0d5f4e0653944028` Request headers accept-language jp-JP,jp;q=0.9 Referer https://saison.mffgdc.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 Response headers date Sat, 07 May 2022 00:38:12 GMT content-encoding gzip last-modified Tue, 03 Dec 2019 16:48:06 GMT server Apache etag "4724-598cf75d37d80-gzip" vary Accept-Encoding content-type text/css accept-ranges bytes content-length 3964
GET H2	200	layout.css saison.mffgdc.com/static/css/	3 KB 883 B	107ms 106ms	Stylesheet text/css	107.173.255.12 AS-COLOCROSSING
General Check archive.org Show headers Download Go to Full URL https://saison.mffgdc.com/static/css/layout.css Requested by Host: saison.mffgdc.com URL: https://saison.mffgdc.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 107.173.255.12 Los Angeles, United States, ASN36352 (AS-COLOCROSSING, US), Reverse DNS 107-173-255-12-host.colocrossing.com Software Apache / Resource Hash `766b9361bba45e02ec03d15b3e2ab80e70525570decb1473dfd6ab8ec49506fe` Request headers accept-language jp-JP,jp;q=0.9 Referer https://saison.mffgdc.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 Response headers date Sat, 07 May 2022 00:38:12 GMT content-encoding gzip last-modified Tue, 03 Dec 2019 16:34:22 GMT server Apache etag "a47-598cf44b63f80-gzip" vary Accept-Encoding content-type text/css accept-ranges bytes content-length 806
GET H2	200	jackIframe.css saison.mffgdc.com/static/css/	1 KB 736 B	107ms 107ms	Stylesheet text/css	107.173.255.12 AS-COLOCROSSING
General Check archive.org Show headers Download Go to Full URL https://saison.mffgdc.com/static/css/jackIframe.css Requested by Host: saison.mffgdc.com URL: https://saison.mffgdc.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 107.173.255.12 Los Angeles, United States, ASN36352 (AS-COLOCROSSING, US), Reverse DNS 107-173-255-12-host.colocrossing.com Software Apache / Resource Hash `d8a6fc069a03cdcb918160c298a79fbb391662f183645c94360af5308b1918ad` Request headers accept-language jp-JP,jp;q=0.9 Referer https://saison.mffgdc.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 Response headers date Sat, 07 May 2022 00:38:12 GMT content-encoding gzip last-modified Tue, 03 Dec 2019 17:05:22 GMT server Apache etag "54f-598cfb3939880-gzip" vary Accept-Encoding content-type text/css accept-ranges bytes content-length 659
GET H2	200	icon_saison.jpg saison.mffgdc.com/static/images/	7 KB 7 KB	206ms 205ms	Image image/jpeg	107.173.255.12 AS-COLOCROSSING
General Check archive.org Show headers Download Go to Show image Full URL https://saison.mffgdc.com/static/images/icon_saison.jpg Requested by Host: saison.mffgdc.com URL: https://saison.mffgdc.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 107.173.255.12 Los Angeles, United States, ASN36352 (AS-COLOCROSSING, US), Reverse DNS 107-173-255-12-host.colocrossing.com Software Apache / Resource Hash `911ce713372a0044fe4b8a292410cdf85f4c0227a4c4e37facd6bc8a6bf2b2da` Request headers accept-language jp-JP,jp;q=0.9 Referer https://saison.mffgdc.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 Response headers date Sat, 07 May 2022 00:38:12 GMT last-modified Tue, 03 Dec 2019 16:34:22 GMT server Apache accept-ranges bytes etag "1aab-598cf44b63f80" content-length 6827 content-type image/jpeg
GET H2	200	key_ani.gif saison.mffgdc.com/static/images/	177 KB 179 KB	206ms 205ms	Image image/gif	107.173.255.12 AS-COLOCROSSING
General Check archive.org Show headers Download Go to Show image Full URL https://saison.mffgdc.com/static/images/key_ani.gif Requested by Host: saison.mffgdc.com URL: https://saison.mffgdc.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 107.173.255.12 Los Angeles, United States, ASN36352 (AS-COLOCROSSING, US), Reverse DNS 107-173-255-12-host.colocrossing.com Software Apache / Resource Hash `8fca1ac0be84adf4e4c152bd6db10305f9af5f7761a41a90cd1d55a18b892221` Request headers accept-language jp-JP,jp;q=0.9 Referer https://saison.mffgdc.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 Response headers date Sat, 07 May 2022 00:38:12 GMT last-modified Tue, 03 Dec 2019 16:34:22 GMT server Apache accept-ranges bytes etag "2c4e6-598cf44b63f80" content-length 181478 content-type image/gif
GET H2	200	190902otukidama_520x230.jpg saison.mffgdc.com/static/images/	46 KB 47 KB	206ms 206ms	Image image/jpeg	107.173.255.12 AS-COLOCROSSING
General Check archive.org Show headers Download Go to Show image Full URL https://saison.mffgdc.com/static/images/190902otukidama_520x230.jpg Requested by Host: saison.mffgdc.com URL: https://saison.mffgdc.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 107.173.255.12 Los Angeles, United States, ASN36352 (AS-COLOCROSSING, US), Reverse DNS 107-173-255-12-host.colocrossing.com Software Apache / Resource Hash `75973c5ac18ad0d5511bbda1e1e4a804e939ff2871fb3776d2849455cfb2eb9f` Request headers accept-language jp-JP,jp;q=0.9 Referer https://saison.mffgdc.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 Response headers date Sat, 07 May 2022 00:38:12 GMT last-modified Tue, 03 Dec 2019 17:02:30 GMT server Apache accept-ranges bytes etag "b909-598cfa9531580" content-length 47369 content-type image/jpeg
GET H2	200	window_icon.gif saison.mffgdc.com/static/images/	86 B 133 B	206ms 206ms	Image image/gif	107.173.255.12 AS-COLOCROSSING
General Check archive.org Show headers Download Go to Show image Full URL https://saison.mffgdc.com/static/images/window_icon.gif Requested by Host: saison.mffgdc.com URL: https://saison.mffgdc.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 107.173.255.12 Los Angeles, United States, ASN36352 (AS-COLOCROSSING, US), Reverse DNS 107-173-255-12-host.colocrossing.com Software Apache / Resource Hash `a348c7a8a94430562064f02f77308e3e8bbaf912420b8cd77ad3956bdfbf7df5` Request headers accept-language jp-JP,jp;q=0.9 Referer https://saison.mffgdc.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 Response headers date Sat, 07 May 2022 00:38:12 GMT last-modified Tue, 03 Dec 2019 16:34:22 GMT server Apache accept-ranges bytes etag "56-598cf44b63f80" content-length 86 content-type image/gif
GET H/1.1	200 OK	window_icon.gif api.saisoncard.co.jp/html/images/	86 B 302 B	69ms 12ms	Image image/gif	210.151.8.173 ODN SoftBank Corp.
General Check archive.org Show headers Download Go to Show image Full URL https://api.saisoncard.co.jp/html/images/window_icon.gif Requested by Host: saison.mffgdc.com URL: https://saison.mffgdc.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 210.151.8.173 , Japan, ASN4725 (ODN SoftBank Corp., JP), Reverse DNS Software Apache / Resource Hash `a348c7a8a94430562064f02f77308e3e8bbaf912420b8cd77ad3956bdfbf7df5` Request headers accept-language jp-JP,jp;q=0.9 Referer https://saison.mffgdc.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 Response headers Date Sat, 07 May 2022 00:38:12 GMT Last-Modified Wed, 04 Oct 2017 00:10:28 GMT Server Apache ETag "56" Content-Type image/gif X-Cnection close Accept-Ranges bytes Content-Length 86
GET H2	200	footer_img.png saison.mffgdc.com/static/images/	4 KB 4 KB	207ms 206ms	Image image/png	107.173.255.12 AS-COLOCROSSING
General Check archive.org Show headers Download Go to Show image Full URL https://saison.mffgdc.com/static/images/footer_img.png Requested by Host: saison.mffgdc.com URL: https://saison.mffgdc.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 107.173.255.12 Los Angeles, United States, ASN36352 (AS-COLOCROSSING, US), Reverse DNS 107-173-255-12-host.colocrossing.com Software Apache / Resource Hash `046dae1710bdf2c2a11b49acadad79bafc11b086ed2d79e3c1647f129a8b8ddd` Request headers accept-language jp-JP,jp;q=0.9 Referer https://saison.mffgdc.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 Response headers date Sat, 07 May 2022 00:38:12 GMT last-modified Tue, 03 Dec 2019 16:34:22 GMT server Apache accept-ranges bytes etag "e01-598cf44b63f80" content-length 3585 content-type image/png
GET H/1.1	200 OK	21141405.js Show response js.users.51.la/	5 KB 3 KB	315ms 81ms	Script application/javascript	14.17.102.110 CHINANET-BACKBONE...
General Check archive.org Show headers Download Go to Full URL https://js.users.51.la/21141405.js Requested by Host: saison.mffgdc.com URL: https://saison.mffgdc.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 14.17.102.110 Shenzhen, China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN), Reverse DNS Software openresty / Resource Hash `7d8429204f556ce66dad063db4c0dd159952cb13f4ad8414b7a07a8b30980af5` Request headers accept-language jp-JP,jp;q=0.9 Referer https://saison.mffgdc.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 Response headers Date Sat, 07 May 2022 00:38:13 GMT Content-Encoding gzip Server openresty Transfer-Encoding chunked Content-Type application/javascript; charset=utf-8 Access-Control-Allow-Origin * Cache-Control max-age=360000 Access-Control-Allow-Credentials true Connection keep-alive
GET H2	200	base.css saison.mffgdc.com/static/css/	5 KB 2 KB	207ms 206ms	Stylesheet text/css	107.173.255.12 AS-COLOCROSSING
General Check archive.org Show headers Download Go to Full URL https://saison.mffgdc.com/static/css/base.css Requested by Host: saison.mffgdc.com URL: https://saison.mffgdc.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 107.173.255.12 Los Angeles, United States, ASN36352 (AS-COLOCROSSING, US), Reverse DNS 107-173-255-12-host.colocrossing.com Software Apache / Resource Hash `91c0c077d5086ad616a7ade895807e9193aa4cdb423098b47e6cd2be92d9f6d4` Request headers accept-language jp-JP,jp;q=0.9 Referer https://saison.mffgdc.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 Response headers date Sat, 07 May 2022 00:38:12 GMT content-encoding gzip last-modified Tue, 03 Dec 2019 17:17:24 GMT server Apache etag "1351-598cfde9c7100-gzip" vary Accept-Encoding content-type text/css accept-ranges bytes content-length 1637
GET H2	200	ie8_btnBG2.png saison.mffgdc.com/static/images/	3 KB 3 KB	274ms 273ms	Image image/png	107.173.255.12 AS-COLOCROSSING
General Check archive.org Show headers Download Go to Show image Full URL https://saison.mffgdc.com/static/images/ie8_btnBG2.png Requested by Host: saison.mffgdc.com URL: https://saison.mffgdc.com/static/css/index.css Protocol H2 Security TLS 1.3, , AES_256_GCM Server 107.173.255.12 Los Angeles, United States, ASN36352 (AS-COLOCROSSING, US), Reverse DNS 107-173-255-12-host.colocrossing.com Software Apache / Resource Hash `1ed19ea7ee0a908c19890a25bf56f01efe45d145f87e8f7f6964a79b8bbcec0b` Request headers accept-language jp-JP,jp;q=0.9 Referer https://saison.mffgdc.com/static/css/index.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 Response headers date Sat, 07 May 2022 00:38:13 GMT last-modified Tue, 03 Dec 2019 16:48:24 GMT server Apache accept-ranges bytes etag "a2f-598cf76e62600" content-length 2607 content-type image/png
GET H2	404	ie8_btnBG.png saison.mffgdc.com/static/images/	7 KB 7 KB	1156ms 1155ms	Image text/html	107.173.255.12 AS-COLOCROSSING
General Check archive.org Show headers Download Go to Show image Full URL https://saison.mffgdc.com/static/images/ie8_btnBG.png Requested by Host: saison.mffgdc.com URL: https://saison.mffgdc.com/static/css/index.css Protocol H2 Security TLS 1.3, , AES_256_GCM Server 107.173.255.12 Los Angeles, United States, ASN36352 (AS-COLOCROSSING, US), Reverse DNS 107-173-255-12-host.colocrossing.com Software Apache / Resource Hash `9dd7ee6b3f853d9cdb6345e7d6b152180c260686863f96f41e0f10e6ff4457ef` Request headers accept-language jp-JP,jp;q=0.9 Referer https://saison.mffgdc.com/static/css/index.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 Response headers date Sat, 07 May 2022 00:38:13 GMT content-encoding gzip server Apache content-length 1828 vary Accept-Encoding content-type text/html; charset=utf-8
GET H2	200	h3.gif saison.mffgdc.com/static/images/	120 B 189 B	272ms 271ms	Image image/gif	107.173.255.12 AS-COLOCROSSING
General Check archive.org Show headers Download Go to Show image Full URL https://saison.mffgdc.com/static/images/h3.gif Requested by Host: saison.mffgdc.com URL: https://saison.mffgdc.com/static/css/jackIframe.css Protocol H2 Security TLS 1.3, , AES_256_GCM Server 107.173.255.12 Los Angeles, United States, ASN36352 (AS-COLOCROSSING, US), Reverse DNS 107-173-255-12-host.colocrossing.com Software Apache / Resource Hash `6dbfe2e8a966ff6518e842a34478a784dec9c08f2062692ae2e68ad9683c8631` Request headers accept-language jp-JP,jp;q=0.9 Referer https://saison.mffgdc.com/static/css/jackIframe.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 Response headers date Sat, 07 May 2022 00:38:13 GMT last-modified Tue, 03 Dec 2019 16:59:50 GMT server Apache accept-ranges bytes etag "78-598cf9fc9ad80" content-length 120 content-type image/gif
GET H/1.1	200	go1 ia.51.la/	0 215 B	347ms 125ms	Image text/plain	183.131.207.66 CHINATELECOM-ZHEJ...
General Check archive.org Show headers Download Go to Show image Full URL https://ia.51.la/go1?id=21141405&rt=1651883893216&rl=16001200&lang=en-US&ct=unknow&pf=1&ins=1&vd=1&ce=1&cd=24&ds=&ing=1&ekc=&sid=1651883893216&tt=SAISON%2520CARD%2520Net%25E3%2582%25A2%25E3%2583%25B3%25E3%2582%25B5%25E3%2583%25BC&kw=&cu=https%253A%252F%252Fsaison.mffgdc.com%252F&pu= Requested by* Host: saison.mffgdc.com URL: https://saison.mffgdc.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305 Server 183.131.207.66 , China, ASN136190 (CHINATELECOM-ZHEJIANG-JINHUA-IDC JINHUA, ZHEJIANG Province, P.R.China., CN), Reverse DNS Software CloudWAF / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers accept-language jp-JP,jp;q=0.9 Referer https://saison.mffgdc.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 Response headers Date Sat, 07 May 2022 00:38:13 GMT Server CloudWAF Connection keep-alive Content-Length 0

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Saison Card (Financial) UC Card (Financial)

5 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
saison.mffgdc.com/	1969-12-31 23:59:59	Name: __tins__21141405 Value: %7B%22sid%22%3A%201651883893216%2C%20%22vd%22%3A%201%2C%20%22expires%22%3A%201651885693216%7D
saison.mffgdc.com/	1969-12-31 23:59:59	Name: __51cke__ Value:
saison.mffgdc.com/	1969-12-31 23:59:59	Name: __51laig__ Value: 1

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://saison.mffgdc.com/static/images/ie8_btnBG.png Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.saisoncard.co.jp
ia.51.la
js.users.51.la
saison.mffgdc.com
107.173.255.12
14.17.102.110
183.131.207.66
210.151.8.173
046dae1710bdf2c2a11b49acadad79bafc11b086ed2d79e3c1647f129a8b8ddd
1ed19ea7ee0a908c19890a25bf56f01efe45d145f87e8f7f6964a79b8bbcec0b
6dbfe2e8a966ff6518e842a34478a784dec9c08f2062692ae2e68ad9683c8631
75973c5ac18ad0d5511bbda1e1e4a804e939ff2871fb3776d2849455cfb2eb9f
766b9361bba45e02ec03d15b3e2ab80e70525570decb1473dfd6ab8ec49506fe
7d8429204f556ce66dad063db4c0dd159952cb13f4ad8414b7a07a8b30980af5
8fca1ac0be84adf4e4c152bd6db10305f9af5f7761a41a90cd1d55a18b892221
911ce713372a0044fe4b8a292410cdf85f4c0227a4c4e37facd6bc8a6bf2b2da
91c0c077d5086ad616a7ade895807e9193aa4cdb423098b47e6cd2be92d9f6d4
9dd7ee6b3f853d9cdb6345e7d6b152180c260686863f96f41e0f10e6ff4457ef
a348c7a8a94430562064f02f77308e3e8bbaf912420b8cd77ad3956bdfbf7df5
b35649790f19e96b18bf841f6f324d8426c41d2dd75accda0d5f4e0653944028
c84c29fd5b0efe5457733b16e143409c0c7000efe96c78b2e0766d79680c7a77
d8a6fc069a03cdcb918160c298a79fbb391662f183645c94360af5308b1918ad
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

saison.mffgdc.com Open in urlscan Pro 107.173.255.12 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page Statistics

16 Requests

100 %HTTPS

0 %IPv6

3 Domains

4 Subdomains

4 IPs

3 Countries

259 kBTransfer

288 kBSize

3 Cookies

6 Outgoing links

Redirected requests

16 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

5 JavaScript Global Variables

3 Cookies

1 Console Messages

Indicators

saison.mffgdc.com Open in urlscan Pro
107.173.255.12 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

16
Requests

100 %
HTTPS

0 %
IPv6

3
Domains

4
Subdomains

4
IPs

3
Countries

259 kB
Transfer

288 kB
Size

3
Cookies

16 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!