www.saiaoncn-co-jp.acsaeoseen.hscqht.top

Summary

This website contacted 1 IPs in 1 countries across 1 domains to perform 7 HTTP transactions. The main IP is 204.44.82.17, located in Los Angeles, United States and belongs to ASN-QUADRANET-GLOBAL, US. The main domain is www.saiaoncn-co-jp.acsaeoseen.hscqht.top.

This is the only time www.saiaoncn-co-jp.acsaeoseen.hscqht.top was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Saison Card (Financial)

Domain & IP information

	IP Address		AS Autonomous System
7	204.44.82.17 204.44.82.17		8100 (ASN-QUADR...) (ASN-QUADRANET-GLOBAL)
7	1

7 204.44.82.17 (Los Angeles, United States)

ASN8100 (ASN-QUADRANET-GLOBAL, US)
PTR: 204.44.82.17.static.quadranet.com

www.saiaoncn-co-jp.acsaeoseen.hscqht.top	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
7	hscqht.top www.saiaoncn-co-jp.acsaeoseen.hscqht.top	378 KB
7	1

	Domain	Requested by
7	www.saiaoncn-co-jp.acsaeoseen.hscqht.top	www.saiaoncn-co-jp.acsaeoseen.hscqht.top
7	1

This site contains links to these domains. Also see Links.

Domain
api.saisoncard.co.jp
185.217.93.14
netanswerplus.saisoncard.co.jp
www.saisoncard.co.jp

Subject Issuer	Validity	Valid

This page contains 1 frames:

Primary Page: http://www.saiaoncn-co-jp.acsaeoseen.hscqht.top/all/login.php?idsmt=10123005600&nextfunck=10130550000
Frame ID: B06AAD533416A50BFC737E78795C2346
Requests: 7 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

SAISON CARD Netアンサー

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

\.php(?:$|\?)

Page Statistics

7
Requests

0 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

378 kB
Transfer

395 kB
Size

0
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: https://api.saisoncard.co.jp/auth/screen/na/authorize?response_type=code&client_id=ZC001&state=&scope=openid#clear
Title: ✖

Search URL Search Domain Scan URL

URL: https://185.217.93.14/index/buyer
Title: こちら

Search URL Search Domain Scan URL

URL: https://netanswerplus.saisoncard.co.jp/WebPc/pages/images/person/faq/index.html
Title: よくあるお問い合わせ

Search URL Search Domain Scan URL

URL: https://www.saisoncard.co.jp/news/maintain
Title: メンテナンス情報

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

7 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request login.php Show response www.saiaoncn-co-jp.acsaeoseen.hscqht.top/all/	7 KB 3 KB	671ms 234ms	Document text/html	204.44.82.17 ASN-QUADRANET-GLOBAL
General Check archive.org Show headers Download Go to Full URL http://www.saiaoncn-co-jp.acsaeoseen.hscqht.top/all/login.php?idsmt=10123005600&nextfunck=10130550000 Protocol HTTP/1.1 Server 204.44.82.17 Los Angeles, United States, ASN8100 (ASN-QUADRANET-GLOBAL, US), Reverse DNS 204.44.82.17.static.quadranet.com Software nginx / Resource Hash `abc9963b4c8f5ed79ddc3401fc4aec6a0b5264e1e95676dc20721f64ce6ab8f9` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 accept-language jp-JP,jp;q=0.9 Response headers Connection keep-alive Content-Encoding gzip Content-Type text/html; charset=UTF-8 Date Wed, 02 Nov 2022 02:40:19 GMT Server nginx Transfer-Encoding chunked Vary Accept-Encoding
GET H/1.1	200 OK	index.css www.saiaoncn-co-jp.acsaeoseen.hscqht.top/all/	18 KB 5 KB	236ms 234ms	Stylesheet text/css	204.44.82.17 ASN-QUADRANET-GLOBAL
General Check archive.org Show headers Download Go to Full URL http://www.saiaoncn-co-jp.acsaeoseen.hscqht.top/all/index.css Requested by Host: www.saiaoncn-co-jp.acsaeoseen.hscqht.top URL: http://www.saiaoncn-co-jp.acsaeoseen.hscqht.top/all/login.php?idsmt=10123005600&nextfunck=10130550000 Protocol HTTP/1.1 Server 204.44.82.17 Los Angeles, United States, ASN8100 (ASN-QUADRANET-GLOBAL, US), Reverse DNS 204.44.82.17.static.quadranet.com Software nginx / Resource Hash `987869c73d068de29aeca16f950dbde7b847aa34b5fcb4bf9cdb563a3711b0c7` Request headers accept-language jp-JP,jp;q=0.9 Referer http://www.saiaoncn-co-jp.acsaeoseen.hscqht.top/all/login.php?idsmt=10123005600&nextfunck=10130550000 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers Date Wed, 02 Nov 2022 02:40:19 GMT Content-Encoding gzip Last-Modified Fri, 28 Oct 2022 19:23:16 GMT Server nginx ETag W/"635c2c24-4883" Transfer-Encoding chunked Vary Accept-Encoding Content-Type text/css Cache-Control max-age=43200 Connection keep-alive Expires Wed, 02 Nov 2022 14:40:19 GMT
GET H/1.1	200 OK	layout.css www.saiaoncn-co-jp.acsaeoseen.hscqht.top/all/	2 KB 1 KB	237ms 236ms	Stylesheet text/css	204.44.82.17 ASN-QUADRANET-GLOBAL
General Check archive.org Show headers Download Go to Full URL http://www.saiaoncn-co-jp.acsaeoseen.hscqht.top/all/layout.css Requested by Host: www.saiaoncn-co-jp.acsaeoseen.hscqht.top URL: http://www.saiaoncn-co-jp.acsaeoseen.hscqht.top/all/login.php?idsmt=10123005600&nextfunck=10130550000 Protocol HTTP/1.1 Server 204.44.82.17 Los Angeles, United States, ASN8100 (ASN-QUADRANET-GLOBAL, US), Reverse DNS 204.44.82.17.static.quadranet.com Software nginx / Resource Hash `4d886ba5eca8e12d1332dabd5ff1a0440318d3269c83fa24235fcec0a121a860` Request headers accept-language jp-JP,jp;q=0.9 Referer http://www.saiaoncn-co-jp.acsaeoseen.hscqht.top/all/login.php?idsmt=10123005600&nextfunck=10130550000 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers Date Wed, 02 Nov 2022 02:40:19 GMT Content-Encoding gzip Last-Modified Fri, 28 Oct 2022 19:23:18 GMT Server nginx ETag W/"635c2c26-9d4" Transfer-Encoding chunked Vary Accept-Encoding Content-Type text/css Cache-Control max-age=43200 Connection keep-alive Expires Wed, 02 Nov 2022 14:40:19 GMT
GET H/1.1	200 OK	icon_saison_01.png www.saiaoncn-co-jp.acsaeoseen.hscqht.top/all/	4 KB 4 KB	429ms 233ms	Image image/png	204.44.82.17 ASN-QUADRANET-GLOBAL
General Check archive.org Show headers Download Go to Show image Full URL http://www.saiaoncn-co-jp.acsaeoseen.hscqht.top/all/icon_saison_01.png Requested by Host: www.saiaoncn-co-jp.acsaeoseen.hscqht.top URL: http://www.saiaoncn-co-jp.acsaeoseen.hscqht.top/all/login.php?idsmt=10123005600&nextfunck=10130550000 Protocol HTTP/1.1 Server 204.44.82.17 Los Angeles, United States, ASN8100 (ASN-QUADRANET-GLOBAL, US), Reverse DNS 204.44.82.17.static.quadranet.com Software nginx / Resource Hash `7829cd82e5b348bd82b5917ab6b4df98a0ca39a30a21d70735cf791e5e8b7bcf` Request headers accept-language jp-JP,jp;q=0.9 Referer http://www.saiaoncn-co-jp.acsaeoseen.hscqht.top/all/login.php?idsmt=10123005600&nextfunck=10130550000 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers Date Wed, 02 Nov 2022 02:40:20 GMT Last-Modified Fri, 28 Oct 2022 19:23:16 GMT Server nginx ETag "635c2c24-f53" Content-Type image/png Cache-Control max-age=2592000 Connection keep-alive Accept-Ranges bytes Content-Length 3923 Expires Fri, 02 Dec 2022 02:40:20 GMT
GET H/1.1	200 OK	pczuo.png www.saiaoncn-co-jp.acsaeoseen.hscqht.top/all/	289 KB 290 KB	430ms 235ms	Image image/png	204.44.82.17 ASN-QUADRANET-GLOBAL
General Check archive.org Show headers Download Go to Show image Full URL http://www.saiaoncn-co-jp.acsaeoseen.hscqht.top/all/pczuo.png Requested by Host: www.saiaoncn-co-jp.acsaeoseen.hscqht.top URL: http://www.saiaoncn-co-jp.acsaeoseen.hscqht.top/all/login.php?idsmt=10123005600&nextfunck=10130550000 Protocol HTTP/1.1 Server 204.44.82.17 Los Angeles, United States, ASN8100 (ASN-QUADRANET-GLOBAL, US), Reverse DNS 204.44.82.17.static.quadranet.com Software nginx / Resource Hash `933db1d86fb899d32613d1b8a466306a3440ad1b994448ee0b1853aa4e352f2f` Request headers accept-language jp-JP,jp;q=0.9 Referer http://www.saiaoncn-co-jp.acsaeoseen.hscqht.top/all/login.php?idsmt=10123005600&nextfunck=10130550000 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers Date Wed, 02 Nov 2022 02:40:20 GMT Last-Modified Fri, 28 Oct 2022 19:23:18 GMT Server nginx ETag "635c2c26-48513" Content-Type image/png Cache-Control max-age=2592000 Connection keep-alive Accept-Ranges bytes Content-Length 296211 Expires Fri, 02 Dec 2022 02:40:20 GMT
GET H/1.1	200 OK	footer_img.png www.saiaoncn-co-jp.acsaeoseen.hscqht.top/all/	4 KB 4 KB	463ms 232ms	Image image/png	204.44.82.17 ASN-QUADRANET-GLOBAL
General Check archive.org Show headers Download Go to Show image Full URL http://www.saiaoncn-co-jp.acsaeoseen.hscqht.top/all/footer_img.png Requested by Host: www.saiaoncn-co-jp.acsaeoseen.hscqht.top URL: http://www.saiaoncn-co-jp.acsaeoseen.hscqht.top/all/login.php?idsmt=10123005600&nextfunck=10130550000 Protocol HTTP/1.1 Server 204.44.82.17 Los Angeles, United States, ASN8100 (ASN-QUADRANET-GLOBAL, US), Reverse DNS 204.44.82.17.static.quadranet.com Software nginx / Resource Hash `046dae1710bdf2c2a11b49acadad79bafc11b086ed2d79e3c1647f129a8b8ddd` Request headers accept-language jp-JP,jp;q=0.9 Referer http://www.saiaoncn-co-jp.acsaeoseen.hscqht.top/all/login.php?idsmt=10123005600&nextfunck=10130550000 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers Date Wed, 02 Nov 2022 02:40:20 GMT Last-Modified Fri, 28 Oct 2022 19:23:14 GMT Server nginx ETag "635c2c22-e01" Content-Type image/png Cache-Control max-age=2592000 Connection keep-alive Accept-Ranges bytes Content-Length 3585 Expires Fri, 02 Dec 2022 02:40:20 GMT
GET H/1.1	200 OK	_.html www.saiaoncn-co-jp.acsaeoseen.hscqht.top/all/	71 KB 71 KB	259ms 234ms	Image text/html	204.44.82.17 ASN-QUADRANET-GLOBAL
General Check archive.org Show headers Download Go to Show image Full URL http://www.saiaoncn-co-jp.acsaeoseen.hscqht.top/all/_.html Requested by Host: www.saiaoncn-co-jp.acsaeoseen.hscqht.top URL: http://www.saiaoncn-co-jp.acsaeoseen.hscqht.top/all/index.css Protocol HTTP/1.1 Server 204.44.82.17 Los Angeles, United States, ASN8100 (ASN-QUADRANET-GLOBAL, US), Reverse DNS 204.44.82.17.static.quadranet.com Software nginx / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers accept-language jp-JP,jp;q=0.9 Referer http://www.saiaoncn-co-jp.acsaeoseen.hscqht.top/all/index.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers Date Wed, 02 Nov 2022 02:40:20 GMT Content-Encoding gzip Last-Modified Fri, 28 Oct 2022 19:32:30 GMT Server nginx ETag W/"635c2e4e-6d403" Transfer-Encoding chunked Vary Accept-Encoding Content-Type text/html Connection keep-alive

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Saison Card (Financial)

7 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

www.saiaoncn-co-jp.acsaeoseen.hscqht.top
204.44.82.17
046dae1710bdf2c2a11b49acadad79bafc11b086ed2d79e3c1647f129a8b8ddd
4d886ba5eca8e12d1332dabd5ff1a0440318d3269c83fa24235fcec0a121a860
7829cd82e5b348bd82b5917ab6b4df98a0ca39a30a21d70735cf791e5e8b7bcf
933db1d86fb899d32613d1b8a466306a3440ad1b994448ee0b1853aa4e352f2f
987869c73d068de29aeca16f950dbde7b847aa34b5fcb4bf9cdb563a3711b0c7
abc9963b4c8f5ed79ddc3401fc4aec6a0b5264e1e95676dc20721f64ce6ab8f9
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

www.saiaoncn-co-jp.acsaeoseen.hscqht.top Open in urlscan Pro 204.44.82.17 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

7 Requests

0 %HTTPS

0 %IPv6

1 Domains

1 Subdomains

1 IPs

1 Countries

378 kBTransfer

395 kBSize

0 Cookies

4 Outgoing links

Redirected requests

7 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

7 JavaScript Global Variables

0 Cookies

Indicators

www.saiaoncn-co-jp.acsaeoseen.hscqht.top Open in urlscan Pro
204.44.82.17 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

7
Requests

0 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

378 kB
Transfer

395 kB
Size

0
Cookies

7 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!