secure-sakura-ad.jp.amxon-nak.com Open in urlscan Pro
198.55.106.215  Malicious Activity! Public Scan

Submitted URL: https://secure-sakura-ad.jp.amxon-nak.com/
Effective URL: https://secure-sakura-ad.jp.amxon-nak.com/login.php
Submission: On July 31 via manual from JP — Scanned from JP

Summary

This website contacted 3 IPs in 2 countries across 2 domains to perform 17 HTTP transactions. The main IP is 198.55.106.215, located in Los Angeles, United States and belongs to ASN-QUADRANET-GLOBAL, US. The main domain is secure-sakura-ad.jp.amxon-nak.com.
TLS certificate: Issued by R3 on July 30th 2023. Valid for: 3 months.
This is the only time secure-sakura-ad.jp.amxon-nak.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: SAKURA Internet (Online)

Domain & IP information

IP Address AS Autonomous System
1 16 198.55.106.215 8100 (ASN-QUADR...)
1 42.236.73.40 4837 (CHINA169-...)
1 42.236.73.38 4837 (CHINA169-...)
17 3
Apex Domain
Subdomains
Transfer
16 amxon-nak.com
secure-sakura-ad.jp.amxon-nak.com
45 KB
2 51.la
js.users.51.la — Cisco Umbrella Rank: 69021
ia.51.la — Cisco Umbrella Rank: 70437
3 KB
17 2
Domain Requested by
16 secure-sakura-ad.jp.amxon-nak.com 1 redirects secure-sakura-ad.jp.amxon-nak.com
1 ia.51.la secure-sakura-ad.jp.amxon-nak.com
1 js.users.51.la secure-sakura-ad.jp.amxon-nak.com
17 3

This site contains links to these domains. Also see Links.

Domain
secure.sakura.ad.jp
www.sakura.ad.jp
help.sakura.ad.jp
Subject Issuer Validity Valid
secure-sakura-ad.jp.amxon-nak.com
R3
2023-07-30 -
2023-10-28
3 months crt.sh
*.users.51.la
GlobalSign GCC R3 DV TLS CA 2020
2023-04-14 -
2024-05-15
a year crt.sh
*.51.la
GlobalSign GCC R3 DV TLS CA 2020
2023-04-20 -
2024-05-21
a year crt.sh

This page contains 1 frames:

Primary Page: https://secure-sakura-ad.jp.amxon-nak.com/login.php
Frame ID: 06F8D751192CAAA797FF965B433DE169
Requests: 17 HTTP requests in this frame

Screenshot

Page Title

会員メニュー|さくらインターネット

Page URL History Show full URLs

  1. https://secure-sakura-ad.jp.amxon-nak.com/ HTTP 302
    https://secure-sakura-ad.jp.amxon-nak.com/login.php Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • \.php(?:$|\?)

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+flat-ui(?:\.min)?\.css

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

17
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

3
Subdomains

3
IPs

2
Countries

48 kB
Transfer

188 kB
Size

4
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://secure-sakura-ad.jp.amxon-nak.com/ HTTP 302
    https://secure-sakura-ad.jp.amxon-nak.com/login.php Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

17 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request login.php
secure-sakura-ad.jp.amxon-nak.com/
Redirect Chain
  • https://secure-sakura-ad.jp.amxon-nak.com/
  • https://secure-sakura-ad.jp.amxon-nak.com/login.php
8 KB
3 KB
Document
General
Full URL
https://secure-sakura-ad.jp.amxon-nak.com/login.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
198.55.106.215 Los Angeles, United States, ASN8100 (ASN-QUADRANET-GLOBAL, US),
Reverse DNS
198.55.106.215.static.quadranet.com
Software
nginx /
Resource Hash
27af383d38d8ba328c441bd653e7d5f1c0430737dda4c2c3193108f1cc9a0c19
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language
jp-jp,jp;q=0.9

Response headers

cache-control
no-store, no-cache, must-revalidate
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Mon, 31 Jul 2023 00:06:12 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000
vary
Accept-Encoding

Redirect headers

cache-control
no-store, no-cache, must-revalidate
content-type
text/html; charset=UTF-8
date
Mon, 31 Jul 2023 00:06:12 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
location
./login.php
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000
flat-ui.min.css
secure-sakura-ad.jp.amxon-nak.com/css/
128 KB
24 KB
Stylesheet
General
Full URL
https://secure-sakura-ad.jp.amxon-nak.com/css/flat-ui.min.css
Requested by
Host: secure-sakura-ad.jp.amxon-nak.com
URL: https://secure-sakura-ad.jp.amxon-nak.com/login.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
198.55.106.215 Los Angeles, United States, ASN8100 (ASN-QUADRANET-GLOBAL, US),
Reverse DNS
198.55.106.215.static.quadranet.com
Software
nginx /
Resource Hash
1a4f7dc4200fe81a8d92276247c77e27b4ff91f286f6d887c2abf0ee94d38d04
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://secure-sakura-ad.jp.amxon-nak.com/login.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 00:06:12 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
last-modified
Thu, 12 Jan 2023 09:05:43 GMT
server
nginx
etag
W/"63bfcd67-1feef"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=43200
expires
Mon, 31 Jul 2023 12:06:12 GMT
validationEngine.jquery.css
secure-sakura-ad.jp.amxon-nak.com/css/
3 KB
1 KB
Stylesheet
General
Full URL
https://secure-sakura-ad.jp.amxon-nak.com/css/validationEngine.jquery.css
Requested by
Host: secure-sakura-ad.jp.amxon-nak.com
URL: https://secure-sakura-ad.jp.amxon-nak.com/login.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
198.55.106.215 Los Angeles, United States, ASN8100 (ASN-QUADRANET-GLOBAL, US),
Reverse DNS
198.55.106.215.static.quadranet.com
Software
nginx /
Resource Hash
456f4d127f4cc0cb1c9df398f7cf5e0f481098c644f00d9e4b459531f68174b4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://secure-sakura-ad.jp.amxon-nak.com/login.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 00:06:12 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
last-modified
Thu, 12 Jan 2023 09:05:42 GMT
server
nginx
etag
W/"63bfcd66-db0"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=43200
expires
Mon, 31 Jul 2023 12:06:12 GMT
common.css
secure-sakura-ad.jp.amxon-nak.com/css/
12 KB
4 KB
Stylesheet
General
Full URL
https://secure-sakura-ad.jp.amxon-nak.com/css/common.css
Requested by
Host: secure-sakura-ad.jp.amxon-nak.com
URL: https://secure-sakura-ad.jp.amxon-nak.com/login.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
198.55.106.215 Los Angeles, United States, ASN8100 (ASN-QUADRANET-GLOBAL, US),
Reverse DNS
198.55.106.215.static.quadranet.com
Software
nginx /
Resource Hash
19125f7d4bdc5277e66f92fe4e979618d4fd9f36749a199f3eb0b5b01d037093
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://secure-sakura-ad.jp.amxon-nak.com/login.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 00:06:12 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
last-modified
Thu, 12 Jan 2023 09:05:43 GMT
server
nginx
etag
W/"63bfcd67-3066"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=43200
expires
Mon, 31 Jul 2023 12:06:12 GMT
short.css
secure-sakura-ad.jp.amxon-nak.com/css/
9 KB
2 KB
Stylesheet
General
Full URL
https://secure-sakura-ad.jp.amxon-nak.com/css/short.css
Requested by
Host: secure-sakura-ad.jp.amxon-nak.com
URL: https://secure-sakura-ad.jp.amxon-nak.com/login.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
198.55.106.215 Los Angeles, United States, ASN8100 (ASN-QUADRANET-GLOBAL, US),
Reverse DNS
198.55.106.215.static.quadranet.com
Software
nginx /
Resource Hash
36cd065bfb7d5b67f4bd3f1ce0a0e125ad6790078b01734c44679ad7b6b60157
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://secure-sakura-ad.jp.amxon-nak.com/login.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 00:06:12 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
last-modified
Thu, 12 Jan 2023 09:05:42 GMT
server
nginx
etag
W/"63bfcd66-24f4"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=43200
expires
Mon, 31 Jul 2023 12:06:12 GMT
header.css
secure-sakura-ad.jp.amxon-nak.com/css/
2 KB
818 B
Stylesheet
General
Full URL
https://secure-sakura-ad.jp.amxon-nak.com/css/header.css
Requested by
Host: secure-sakura-ad.jp.amxon-nak.com
URL: https://secure-sakura-ad.jp.amxon-nak.com/login.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
198.55.106.215 Los Angeles, United States, ASN8100 (ASN-QUADRANET-GLOBAL, US),
Reverse DNS
198.55.106.215.static.quadranet.com
Software
nginx /
Resource Hash
2846c5272911208c5a6c1870cf26446ee45e51ccb7a0c62970bf5747afa04019
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://secure-sakura-ad.jp.amxon-nak.com/login.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 00:06:12 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
last-modified
Thu, 12 Jan 2023 09:05:42 GMT
server
nginx
etag
W/"63bfcd66-707"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=43200
expires
Mon, 31 Jul 2023 12:06:12 GMT
footer.css
secure-sakura-ad.jp.amxon-nak.com/css/
808 B
1012 B
Stylesheet
General
Full URL
https://secure-sakura-ad.jp.amxon-nak.com/css/footer.css
Requested by
Host: secure-sakura-ad.jp.amxon-nak.com
URL: https://secure-sakura-ad.jp.amxon-nak.com/login.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
198.55.106.215 Los Angeles, United States, ASN8100 (ASN-QUADRANET-GLOBAL, US),
Reverse DNS
198.55.106.215.static.quadranet.com
Software
nginx /
Resource Hash
8dae0d4fa4a8e24c4ce334eaa7662e01f4579a155a4e933bd137acff10f52c36
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://secure-sakura-ad.jp.amxon-nak.com/login.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 00:06:12 GMT
strict-transport-security
max-age=31536000
last-modified
Thu, 12 Jan 2023 09:05:43 GMT
server
nginx
etag
"63bfcd67-328"
content-type
text/css
cache-control
max-age=43200
accept-ranges
bytes
content-length
808
expires
Mon, 31 Jul 2023 12:06:12 GMT
modal.css
secure-sakura-ad.jp.amxon-nak.com/css/
3 KB
1 KB
Stylesheet
General
Full URL
https://secure-sakura-ad.jp.amxon-nak.com/css/modal.css
Requested by
Host: secure-sakura-ad.jp.amxon-nak.com
URL: https://secure-sakura-ad.jp.amxon-nak.com/login.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
198.55.106.215 Los Angeles, United States, ASN8100 (ASN-QUADRANET-GLOBAL, US),
Reverse DNS
198.55.106.215.static.quadranet.com
Software
nginx /
Resource Hash
ba45b967503ceb6af8922e6d809f1345e1fb3c1d213d6fb06b7abe7f5cf9497b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://secure-sakura-ad.jp.amxon-nak.com/login.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 00:06:12 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
last-modified
Thu, 12 Jan 2023 09:05:42 GMT
server
nginx
etag
W/"63bfcd66-dac"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=43200
expires
Mon, 31 Jul 2023 12:06:12 GMT
loding.css
secure-sakura-ad.jp.amxon-nak.com/css/
5 KB
1 KB
Stylesheet
General
Full URL
https://secure-sakura-ad.jp.amxon-nak.com/css/loding.css
Requested by
Host: secure-sakura-ad.jp.amxon-nak.com
URL: https://secure-sakura-ad.jp.amxon-nak.com/login.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
198.55.106.215 Los Angeles, United States, ASN8100 (ASN-QUADRANET-GLOBAL, US),
Reverse DNS
198.55.106.215.static.quadranet.com
Software
nginx /
Resource Hash
236ef773ada586788328670c1350733ced6c50310e488e207b9ec575bc3c5a2b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://secure-sakura-ad.jp.amxon-nak.com/login.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 00:06:12 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
last-modified
Thu, 12 Jan 2023 09:05:42 GMT
server
nginx
etag
W/"63bfcd66-127b"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=43200
expires
Mon, 31 Jul 2023 12:06:12 GMT
loginCommon.css
secure-sakura-ad.jp.amxon-nak.com/css/
8 KB
3 KB
Stylesheet
General
Full URL
https://secure-sakura-ad.jp.amxon-nak.com/css/loginCommon.css
Requested by
Host: secure-sakura-ad.jp.amxon-nak.com
URL: https://secure-sakura-ad.jp.amxon-nak.com/login.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
198.55.106.215 Los Angeles, United States, ASN8100 (ASN-QUADRANET-GLOBAL, US),
Reverse DNS
198.55.106.215.static.quadranet.com
Software
nginx /
Resource Hash
a4c9701e2a239493beb245ab925e22ddc533e6c6f92cd60f26e6b7e55d0d66dc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://secure-sakura-ad.jp.amxon-nak.com/login.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 00:06:12 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
last-modified
Thu, 12 Jan 2023 09:05:42 GMT
server
nginx
etag
W/"63bfcd66-20da"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=43200
expires
Mon, 31 Jul 2023 12:06:12 GMT
loginFirstStep.css
secure-sakura-ad.jp.amxon-nak.com/css/
1 KB
786 B
Stylesheet
General
Full URL
https://secure-sakura-ad.jp.amxon-nak.com/css/loginFirstStep.css
Requested by
Host: secure-sakura-ad.jp.amxon-nak.com
URL: https://secure-sakura-ad.jp.amxon-nak.com/login.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
198.55.106.215 Los Angeles, United States, ASN8100 (ASN-QUADRANET-GLOBAL, US),
Reverse DNS
198.55.106.215.static.quadranet.com
Software
nginx /
Resource Hash
5571b125c687ff533cdca43764d03cc5f22ceea1be76ea5ad8f374361a006138
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://secure-sakura-ad.jp.amxon-nak.com/login.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 00:06:12 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
last-modified
Thu, 12 Jan 2023 09:05:42 GMT
server
nginx
etag
W/"63bfcd66-48f"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=43200
expires
Mon, 31 Jul 2023 12:06:12 GMT
jquery-1.3.1.min.js
secure-sakura-ad.jp.amxon-nak.com/public/js/
0
0
Script
General
Full URL
https://secure-sakura-ad.jp.amxon-nak.com/public/js/jquery-1.3.1.min.js
Requested by
Host: secure-sakura-ad.jp.amxon-nak.com
URL: https://secure-sakura-ad.jp.amxon-nak.com/login.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
198.55.106.215 Los Angeles, United States, ASN8100 (ASN-QUADRANET-GLOBAL, US),
Reverse DNS
198.55.106.215.static.quadranet.com
Software
nginx /
Resource Hash

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://secure-sakura-ad.jp.amxon-nak.com/login.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 00:06:12 GMT
server
nginx
content-length
548
content-type
text/html
21567507.js
js.users.51.la/
5 KB
3 KB
Script
General
Full URL
https://js.users.51.la/21567507.js
Requested by
Host: secure-sakura-ad.jp.amxon-nak.com
URL: https://secure-sakura-ad.jp.amxon-nak.com/login.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
42.236.73.40 , China, ASN4837 (CHINA169-BACKBONE CHINA UNICOM China169 Backbone, CN),
Reverse DNS
hn.kd.ny.adsl
Software
openresty /
Resource Hash
1277f7dcb5aaeedce414d332f4a2a14b6865643f230bef0fc327e28f6f2a8f02

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://secure-sakura-ad.jp.amxon-nak.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Date
Mon, 31 Jul 2023 00:06:13 GMT
Content-Encoding
gzip
Server
openresty
Transfer-Encoding
chunked
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Content-Type
jquery.validationEngine.js
secure-sakura-ad.jp.amxon-nak.com/public/js/
0
0
Script
General
Full URL
https://secure-sakura-ad.jp.amxon-nak.com/public/js/jquery.validationEngine.js
Requested by
Host: secure-sakura-ad.jp.amxon-nak.com
URL: https://secure-sakura-ad.jp.amxon-nak.com/login.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
198.55.106.215 Los Angeles, United States, ASN8100 (ASN-QUADRANET-GLOBAL, US),
Reverse DNS
198.55.106.215.static.quadranet.com
Software
nginx /
Resource Hash

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://secure-sakura-ad.jp.amxon-nak.com/login.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 00:06:12 GMT
server
nginx
content-length
548
content-type
text/html
osu-logo.png
secure-sakura-ad.jp.amxon-nak.com/img/
3 KB
3 KB
Image
General
Full URL
https://secure-sakura-ad.jp.amxon-nak.com/img/osu-logo.png
Requested by
Host: secure-sakura-ad.jp.amxon-nak.com
URL: https://secure-sakura-ad.jp.amxon-nak.com/login.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
198.55.106.215 Los Angeles, United States, ASN8100 (ASN-QUADRANET-GLOBAL, US),
Reverse DNS
198.55.106.215.static.quadranet.com
Software
nginx /
Resource Hash
d1293448cfd6ca56dc36546c9065dc1b05d2b3e197c5ef8d0e9debcdd14fcda6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://secure-sakura-ad.jp.amxon-nak.com/login.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 00:06:13 GMT
strict-transport-security
max-age=31536000
last-modified
Thu, 12 Jan 2023 09:07:43 GMT
server
nginx
etag
"63bfcddf-bcf"
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
content-length
3023
expires
Wed, 30 Aug 2023 00:06:13 GMT
go1
ia.51.la/
0
73 B
Image
General
Full URL
https://ia.51.la/go1?id=21567507&rt=1690761973389&rl=1600*1200&lang=en-US&ct=unknow&pf=1&ins=1&vd=1&ce=1&cd=24&ds=&ing=1&ekc=&sid=1690761973389&tt=%25E4%25BC%259A%25E5%2593%25A1%25E3%2583%25A1%25E3%2583%258B%25E3%2583%25A5%25E3%2583%25BC%25EF%25BD%259C%25E3%2581%2595%25E3%2581%258F%25E3%2582%2589%25E3%2582%25A4%25E3%2583%25B3%25E3%2582%25BF%25E3%2583%25BC%25E3%2583%258D%25E3%2583%2583%25E3%2583%2588&kw=&cu=https%253A%252F%252Fsecure-sakura-ad.jp.amxon-nak.com%252Flogin.php&pu=
Requested by
Host: secure-sakura-ad.jp.amxon-nak.com
URL: https://secure-sakura-ad.jp.amxon-nak.com/login.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
42.236.73.38 , China, ASN4837 (CHINA169-BACKBONE CHINA UNICOM China169 Backbone, CN),
Reverse DNS
hn.kd.ny.adsl
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://secure-sakura-ad.jp.amxon-nak.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Date
Mon, 31 Jul 2023 00:05:54 GMT
Content-Length
0
jquery-1.3.1.min.js
secure-sakura-ad.jp.amxon-nak.com/public/js/
0
0
Script
General
Full URL
https://secure-sakura-ad.jp.amxon-nak.com/public/js/jquery-1.3.1.min.js
Requested by
Host: secure-sakura-ad.jp.amxon-nak.com
URL: https://secure-sakura-ad.jp.amxon-nak.com/login.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
198.55.106.215 Los Angeles, United States, ASN8100 (ASN-QUADRANET-GLOBAL, US),
Reverse DNS
198.55.106.215.static.quadranet.com
Software
nginx /
Resource Hash

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://secure-sakura-ad.jp.amxon-nak.com/login.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 00:06:13 GMT
server
nginx
content-length
548
content-type
text/html

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: SAKURA Internet (Online)

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

4 Cookies

Domain/Path Name / Value
secure-sakura-ad.jp.amxon-nak.com/ Name: PHPSESSID
Value: jbhbt3faqps0to0pepc44cqk7j
secure-sakura-ad.jp.amxon-nak.com/ Name: __tins__21567507
Value: %7B%22sid%22%3A%201690761973389%2C%20%22vd%22%3A%201%2C%20%22expires%22%3A%201690763773389%7D
secure-sakura-ad.jp.amxon-nak.com/ Name: __51cke__
Value:
secure-sakura-ad.jp.amxon-nak.com/ Name: __51laig__
Value: 1

3 Console Messages

Source Level URL
Text
network error URL: https://secure-sakura-ad.jp.amxon-nak.com/public/js/jquery-1.3.1.min.js
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://secure-sakura-ad.jp.amxon-nak.com/public/js/jquery.validationEngine.js
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://secure-sakura-ad.jp.amxon-nak.com/public/js/jquery-1.3.1.min.js
Message:
Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000