www.bcsbirds.com Open in urlscan Pro
184.168.236.1 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://secure.sakurawebmail.co/ad.jp/rscontrol/webmail
Effective URL:
http://www.bcsbirds.com/sakuraaccountuid/86fc0a15-c94b-11dd-9712-00114332949f/86fc0a15-c94b-11dd-9712-00114332949pm/saku...
Submission: On October 11 via manual (October 11th 2019, 12:39:13 am UTC) from JP

Summary HTTP 8 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 5 IPs in 2 countries across 4 domains to perform 8 HTTP transactions. The main IP is 184.168.236.1, located in Scottsdale, United States and belongs to AS-26496-GO-DADDY-COM-LLC - GoDaddy.com, LLC, US. The main domain is www.bcsbirds.com.

This is the only time www.bcsbirds.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Generic (Online)

Domain & IP information

	IP Address	AS Autonomous System
1 2	107.180.50.185 107.180.50.185	26496 (AS-26496-...) (AS-26496-GO-DADDY-COM-LLC - GoDaddy.com)
1 6	184.168.236.1 184.168.236.1	26496 (AS-26496-...) (AS-26496-GO-DADDY-COM-LLC - GoDaddy.com)
1	185.225.208.133 185.225.208.133	13213 (UK2NET-AS) (UK2NET-AS)
1	67.202.94.86 67.202.94.86	32748 (STEADFAST) (STEADFAST - Steadfast)
8	5

2 107.180.50.185 (Scottsdale, United States) 1 redirects

ASN26496 (AS-26496-GO-DADDY-COM-LLC - GoDaddy.com, LLC, US)
PTR: ip-107-180-50-185.ip.secureserver.net

secure.sakurawebmail.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 184.168.236.1 (Scottsdale, United States) 1 redirects

ASN26496 (AS-26496-GO-DADDY-COM-LLC - GoDaddy.com, LLC, US)
PTR: p3nlhg136c1136.shr.prod.phx3.secureserver.net

www.bcsbirds.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.225.208.133 (Germany)

ASN13213 (UK2NET-AS, GB)

waust.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 67.202.94.86 (Chicago, United States)

ASN32748 (STEADFAST - Steadfast, US)
PTR: amung.us

whos.amung.us	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
6	bcsbirds.com 1 redirects www.bcsbirds.com	64 KB
2	sakurawebmail.co 1 redirects secure.sakurawebmail.co	743 B
1	amung.us whos.amung.us	213 B
1	waust.at waust.at	7 KB
8	4

	Domain	Requested by
6	www.bcsbirds.com	1 redirects www.bcsbirds.com
2	secure.sakurawebmail.co	1 redirects
1	whos.amung.us	waust.at
1	waust.at	www.bcsbirds.com
8	4

This site contains links to these domains. Also see Links.

Domain
whos.amung.us

Subject Issuer	Validity	Valid

This page contains 1 frames:

Primary Page: http://www.bcsbirds.com/sakuraaccountuid/86fc0a15-c94b-11dd-9712-00114332949f/86fc0a15-c94b-11dd-9712-00114332949pm/sakura.html?sakurasessionsnew_signintosakuraonlinenejp
Frame ID: 5EE1172BDE16674228CF8B1B9563457F
Requests: 9 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://secure.sakurawebmail.co/ad.jp/rscontrol/webmail HTTP 301
http://secure.sakurawebmail.co/ad.jp/rscontrol/webmail/ Page URL
http://www.bcsbirds.com/sakuraaccountuid/86fc0a15-c94b-11dd-9712-00114332949f/86fc0a15-c94b-11dd-971... HTTP 301
http://www.bcsbirds.com/sakuraaccountuid/86fc0a15-c94b-11dd-9712-00114332949f/86fc0a15-c94b-11dd-971... Page URL
http://www.bcsbirds.com/sakuraaccountuid/86fc0a15-c94b-11dd-9712-00114332949f/86fc0a15-c94b-11dd-971... Page URL

Detected technologies

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|\b)HTTPD)/i

Page Statistics

8
Requests

0 %
HTTPS

0 %
IPv6

4
Domains

4
Subdomains

5
IPs

2
Countries

72 kB
Transfer

90 kB
Size

0
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: http://whos.amung.us/stats/bru1q1mpon/
Title: 32

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://secure.sakurawebmail.co/ad.jp/rscontrol/webmail HTTP 301
http://secure.sakurawebmail.co/ad.jp/rscontrol/webmail/ Page URL
http://www.bcsbirds.com/sakuraaccountuid/86fc0a15-c94b-11dd-9712-00114332949f/86fc0a15-c94b-11dd-9712-00114332949pm HTTP 301
http://www.bcsbirds.com/sakuraaccountuid/86fc0a15-c94b-11dd-9712-00114332949f/86fc0a15-c94b-11dd-9712-00114332949pm/ Page URL
http://www.bcsbirds.com/sakuraaccountuid/86fc0a15-c94b-11dd-9712-00114332949f/86fc0a15-c94b-11dd-9712-00114332949pm/sakura.html?sakurasessionsnew_signintosakuraonlinenejp Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://secure.sakurawebmail.co/ad.jp/rscontrol/webmail HTTP 301
http://secure.sakurawebmail.co/ad.jp/rscontrol/webmail/

Request Chain 1

http://www.bcsbirds.com/sakuraaccountuid/86fc0a15-c94b-11dd-9712-00114332949f/86fc0a15-c94b-11dd-9712-00114332949pm HTTP 301
http://www.bcsbirds.com/sakuraaccountuid/86fc0a15-c94b-11dd-9712-00114332949f/86fc0a15-c94b-11dd-9712-00114332949pm/

8 HTTP transactions
1 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	/ Show response secure.sakurawebmail.co/ad.jp/rscontrol/webmail/ Redirect Chain http://secure.sakurawebmail.co/ad.jp/rscontrol/webmail http://secure.sakurawebmail.co/ad.jp/rscontrol/webmail/	188 B 476 B	110ms 108ms	Document text/html	107.180.50.185 GoDaddy.com
General Check archive.org Show headers Download Go to Full URL http://secure.sakurawebmail.co/ad.jp/rscontrol/webmail/ Protocol HTTP/1.1 Server 107.180.50.185 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC - GoDaddy.com, LLC, US), Reverse DNS ip-107-180-50-185.ip.secureserver.net Software Apache / Resource Hash `2905fc4215a6ff161b3095deb991e81e44e4f9567216b537d789fff7255b82f2` Request headers Host secure.sakurawebmail.co Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3 Accept-Encoding gzip, deflate Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Fri, 11 Oct 2019 00:38:57 GMT Server Apache Last-Modified Thu, 10 Oct 2019 22:17:41 GMT ETag "6c60092-bc-59495c51a087c-gzip" Accept-Ranges bytes Vary Accept-Encoding,User-Agent Content-Encoding gzip Content-Length 146 Keep-Alive timeout=5 Connection Keep-Alive Content-Type text/html Redirect headers Date Fri, 11 Oct 2019 00:38:57 GMT Server Apache Location http://secure.sakurawebmail.co/ad.jp/rscontrol/webmail/ Content-Length 263 Keep-Alive timeout=5 Connection Keep-Alive Content-Type text/html; charset=iso-8859-1
GET H/1.1	200 OK	/ Show response www.bcsbirds.com/sakuraaccountuid/86fc0a15-c94b-11dd-9712-00114332949f/86fc0a15-c94b-11dd-9712-00114332949pm/ Redirect Chain http://www.bcsbirds.com/sakuraaccountuid/86fc0a15-c94b-11dd-9712-00114332949f/86fc0a15-c94b-11dd-9712-00114332949pm http://www.bcsbirds.com/sakuraaccountuid/86fc0a15-c94b-11dd-9712-00114332949f/86fc0a15-c94b-11dd-9712-00114332949pm/	117 B 441 B	190ms 189ms	Document text/html	184.168.236.1 GoDaddy.com
General Check archive.org Show headers Download Go to Full URL http://www.bcsbirds.com/sakuraaccountuid/86fc0a15-c94b-11dd-9712-00114332949f/86fc0a15-c94b-11dd-9712-00114332949pm/ Protocol HTTP/1.1 Server 184.168.236.1 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC - GoDaddy.com, LLC, US), Reverse DNS p3nlhg136c1136.shr.prod.phx3.secureserver.net Software Apache / Resource Hash `27c6dc9fc781c1357cc4ffcd3d0bafc53101477c1703ddc204ef9ff0ced49074` Request headers Host www.bcsbirds.com Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3 Referer http://secure.sakurawebmail.co/ad.jp/rscontrol/webmail/ Accept-Encoding gzip, deflate Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Referer http://secure.sakurawebmail.co/ad.jp/rscontrol/webmail/ Response headers Date Fri, 11 Oct 2019 00:38:57 GMT Server Apache Last-Modified Thu, 10 Oct 2019 21:55:22 GMT ETag "75-59495754be451-gzip" Accept-Ranges bytes Vary Accept-Encoding Content-Encoding gzip Content-Length 122 Keep-Alive timeout=5, max=99 Connection Keep-Alive Content-Type text/html Redirect headers Date Fri, 11 Oct 2019 00:38:57 GMT Server Apache Location http://www.bcsbirds.com/sakuraaccountuid/86fc0a15-c94b-11dd-9712-00114332949f/86fc0a15-c94b-11dd-9712-00114332949pm/ Content-Length 390 Keep-Alive timeout=5, max=100 Connection Keep-Alive Content-Type text/html; charset=iso-8859-1
GET H/1.1	200 OK	Primary Request sakura.html Show response www.bcsbirds.com/sakuraaccountuid/86fc0a15-c94b-11dd-9712-00114332949f/86fc0a15-c94b-11dd-9712-00114332949pm/	2 KB 1 KB	165ms 165ms	Document text/html	184.168.236.1 GoDaddy.com
General Check archive.org Show headers Download Go to Full URL http://www.bcsbirds.com/sakuraaccountuid/86fc0a15-c94b-11dd-9712-00114332949f/86fc0a15-c94b-11dd-9712-00114332949pm/sakura.html?sakurasessionsnew_signintosakuraonlinenejp Protocol HTTP/1.1 Server 184.168.236.1 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC - GoDaddy.com, LLC, US), Reverse DNS p3nlhg136c1136.shr.prod.phx3.secureserver.net Software Apache / Resource Hash `511a012bc33411293937e353b8aa182cda7f52f74e4a4332747ef256ce155268` Request headers Host www.bcsbirds.com Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3 Referer http://www.bcsbirds.com/sakuraaccountuid/86fc0a15-c94b-11dd-9712-00114332949f/86fc0a15-c94b-11dd-9712-00114332949pm/ Accept-Encoding gzip, deflate Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Referer http://www.bcsbirds.com/sakuraaccountuid/86fc0a15-c94b-11dd-9712-00114332949f/86fc0a15-c94b-11dd-9712-00114332949pm/ Response headers Date Fri, 11 Oct 2019 00:38:59 GMT Server Apache Accept-Ranges bytes Vary Accept-Encoding Content-Encoding gzip Content-Length 799 Keep-Alive timeout=5, max=98 Connection Keep-Alive Content-Type text/html
GET H/1.1	200 OK	xvx.js Show response www.bcsbirds.com/sakuraaccountuid/86fc0a15-c94b-11dd-9712-00114332949f/86fc0a15-c94b-11dd-9712-00114332949pm/	12 KB 3 KB	167ms 166ms	Script application/javascript	184.168.236.1 GoDaddy.com
General Check archive.org Show headers Download Go to Full URL http://www.bcsbirds.com/sakuraaccountuid/86fc0a15-c94b-11dd-9712-00114332949f/86fc0a15-c94b-11dd-9712-00114332949pm/xvx.js Requested by Host: www.bcsbirds.com URL: http://www.bcsbirds.com/sakuraaccountuid/86fc0a15-c94b-11dd-9712-00114332949f/86fc0a15-c94b-11dd-9712-00114332949pm/sakura.html?sakurasessionsnew_signintosakuraonlinenejp Protocol HTTP/1.1 Server 184.168.236.1 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC - GoDaddy.com, LLC, US), Reverse DNS p3nlhg136c1136.shr.prod.phx3.secureserver.net Software Apache / Resource Hash `344ce7ae9a0179e949d1daf2b1811828294ec092ebdd622a7d8f2f379e801823` Request headers Referer http://www.bcsbirds.com/sakuraaccountuid/86fc0a15-c94b-11dd-9712-00114332949f/86fc0a15-c94b-11dd-9712-00114332949pm/sakura.html?sakurasessionsnew_signintosakuraonlinenejp User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Fri, 11 Oct 2019 00:38:59 GMT Content-Encoding gzip Last-Modified Thu, 10 Oct 2019 21:55:22 GMT Server Apache ETag "301b-59495754b6b30-gzip" Vary Accept-Encoding Content-Type application/javascript Cache-Control max-age=604800 Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=97 Content-Length 2474 Expires Fri, 18 Oct 2019 00:38:59 GMT
GET H/1.1	200 OK	dnt2.png www.bcsbirds.com/sakuraaccountuid/86fc0a15-c94b-11dd-9712-00114332949f/86fc0a15-c94b-11dd-9712-00114332949pm/mux/	1 KB 2 KB	335ms 330ms	Image image/png	184.168.236.1 GoDaddy.com
General Check archive.org Show headers Download Go to Show image Full URL http://www.bcsbirds.com/sakuraaccountuid/86fc0a15-c94b-11dd-9712-00114332949f/86fc0a15-c94b-11dd-9712-00114332949pm/mux/dnt2.png Requested by Host: www.bcsbirds.com URL: http://www.bcsbirds.com/sakuraaccountuid/86fc0a15-c94b-11dd-9712-00114332949f/86fc0a15-c94b-11dd-9712-00114332949pm/sakura.html?sakurasessionsnew_signintosakuraonlinenejp Protocol HTTP/1.1 Server 184.168.236.1 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC - GoDaddy.com, LLC, US), Reverse DNS p3nlhg136c1136.shr.prod.phx3.secureserver.net Software Apache / Resource Hash `ffa06deb7ce9599be5e16d4dfb770f2385f154096da6ab8f4238c50f359e47d2` Request headers Referer http://www.bcsbirds.com/sakuraaccountuid/86fc0a15-c94b-11dd-9712-00114332949f/86fc0a15-c94b-11dd-9712-00114332949pm/sakura.html?sakurasessionsnew_signintosakuraonlinenejp User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Fri, 11 Oct 2019 00:38:59 GMT Last-Modified Thu, 10 Oct 2019 21:55:22 GMT Server Apache ETag "5df-59495754b9623" Content-Type image/png Cache-Control max-age=5184000 Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 1503 Expires Tue, 10 Dec 2019 00:38:59 GMT
GET H/1.1	200 OK	d.js Show response waust.at/	13 KB 7 KB	14ms 8ms	Script application/x-javascript	185.225.208.133 UK2NET-AS
General Check archive.org Show headers Download Go to Full URL http://waust.at/d.js Requested by Host: www.bcsbirds.com URL: http://www.bcsbirds.com/sakuraaccountuid/86fc0a15-c94b-11dd-9712-00114332949f/86fc0a15-c94b-11dd-9712-00114332949pm/sakura.html?sakurasessionsnew_signintosakuraonlinenejp Protocol HTTP/1.1 Server 185.225.208.133 , Germany, ASN13213 (UK2NET-AS, GB), Reverse DNS Software / Resource Hash `9aef19b23a01bd96033bc1f1acb3da5e38dc54bcc4aa1972919c7b2b2a71e4aa` Request headers Referer http://www.bcsbirds.com/sakuraaccountuid/86fc0a15-c94b-11dd-9712-00114332949f/86fc0a15-c94b-11dd-9712-00114332949pm/sakura.html?sakurasessionsnew_signintosakuraonlinenejp User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Fri, 11 Oct 2019 00:38:59 GMT Content-Encoding gzip Last-Modified Thu, 11 Jul 2019 20:01:12 GMT ETag W/"5d279588-32b0" Transfer-Encoding chunked Content-Type application/x-javascript Access-Control-Allow-Origin * Cache-Control max-age=86400, private Connection keep-alive Expires Sat, 12 Oct 2019 00:38:59 GMT
GET H/1.1	200 OK	dnt1.png www.bcsbirds.com/sakuraaccountuid/86fc0a15-c94b-11dd-9712-00114332949f/86fc0a15-c94b-11dd-9712-00114332949pm/mux/	58 KB 58 KB	166ms 166ms	Image image/png	184.168.236.1 GoDaddy.com
General Check archive.org Show headers Download Go to Show image Full URL http://www.bcsbirds.com/sakuraaccountuid/86fc0a15-c94b-11dd-9712-00114332949f/86fc0a15-c94b-11dd-9712-00114332949pm/mux/dnt1.png Requested by Host: www.bcsbirds.com URL: http://www.bcsbirds.com/sakuraaccountuid/86fc0a15-c94b-11dd-9712-00114332949f/86fc0a15-c94b-11dd-9712-00114332949pm/sakura.html?sakurasessionsnew_signintosakuraonlinenejp Protocol HTTP/1.1 Server 184.168.236.1 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC - GoDaddy.com, LLC, US), Reverse DNS p3nlhg136c1136.shr.prod.phx3.secureserver.net Software Apache / Resource Hash `8da72e6dd376d77a08796f1aece5d68f3a20c395089cbeec0c8b2a5ba2cdd4d9` Request headers Referer http://www.bcsbirds.com/sakuraaccountuid/86fc0a15-c94b-11dd-9712-00114332949f/86fc0a15-c94b-11dd-9712-00114332949pm/sakura.html?sakurasessionsnew_signintosakuraonlinenejp User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Fri, 11 Oct 2019 00:38:59 GMT Last-Modified Thu, 10 Oct 2019 21:55:22 GMT Server Apache ETag "e620-59495754b8686" Content-Type image/png Cache-Control max-age=5184000 Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=96 Content-Length 58912 Expires Tue, 10 Dec 2019 00:38:59 GMT
GET H/1.1	200 OK	/ Show response whos.amung.us/pingjs/	29 B 213 B	220ms 214ms	Script text/javascript	67.202.94.86 Steadfast
General Check archive.org Show headers Download Go to Full URL http://whos.amung.us/pingjs/?k=bru1q1mpon&t=Sakura&c=d&y=http%3A%2F%2Fwww.bcsbirds.com%2Fsakuraaccountuid%2F86fc0a15-c94b-11dd-9712-00114332949f%2F86fc0a15-c94b-11dd-9712-00114332949pm%2F&a=0&r=5571 Requested by Host: waust.at URL: http://waust.at/d.js Protocol HTTP/1.1 Server 67.202.94.86 Chicago, United States, ASN32748 (STEADFAST - Steadfast, US), Reverse DNS amung.us Software / Resource Hash `3e902b4bfa6470cc1e2414fa1c6cbf8ea1f72488746a3c69956ef050d83ad0cf` Request headers Referer http://www.bcsbirds.com/sakuraaccountuid/86fc0a15-c94b-11dd-9712-00114332949f/86fc0a15-c94b-11dd-9712-00114332949pm/sakura.html?sakurasessionsnew_signintosakuraonlinenejp User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Fri, 11 Oct 2019 00:38:59 GMT content-encoding gzip transfer-encoding chunked content-type text/javascript;charset=UTF-8
GET DATA	200 OK	truncated /	3 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `6f4587fb64cd2e7ce26ba21941c80f3ab8d28c257b73d04a87c949b32e4cde2d` Request headers Referer http://www.bcsbirds.com/sakuraaccountuid/86fc0a15-c94b-11dd-9712-00114332949f/86fc0a15-c94b-11dd-9712-00114332949pm/sakura.html?sakurasessionsnew_signintosakuraonlinenejp User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Content-Type image/png

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Generic (Online)

32 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

secure.sakurawebmail.co
waust.at
whos.amung.us
www.bcsbirds.com
107.180.50.185
184.168.236.1
185.225.208.133
67.202.94.86
27c6dc9fc781c1357cc4ffcd3d0bafc53101477c1703ddc204ef9ff0ced49074
2905fc4215a6ff161b3095deb991e81e44e4f9567216b537d789fff7255b82f2
344ce7ae9a0179e949d1daf2b1811828294ec092ebdd622a7d8f2f379e801823
3e902b4bfa6470cc1e2414fa1c6cbf8ea1f72488746a3c69956ef050d83ad0cf
511a012bc33411293937e353b8aa182cda7f52f74e4a4332747ef256ce155268
6f4587fb64cd2e7ce26ba21941c80f3ab8d28c257b73d04a87c949b32e4cde2d
8da72e6dd376d77a08796f1aece5d68f3a20c395089cbeec0c8b2a5ba2cdd4d9
9aef19b23a01bd96033bc1f1acb3da5e38dc54bcc4aa1972919c7b2b2a71e4aa
ffa06deb7ce9599be5e16d4dfb770f2385f154096da6ab8f4238c50f359e47d2

www.bcsbirds.com Open in urlscan Pro 184.168.236.1 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

8 Requests

0 %HTTPS

0 %IPv6

4 Domains

4 Subdomains

5 IPs

2 Countries

72 kBTransfer

90 kBSize

0 Cookies

1 Outgoing links

Page URL History

Redirected requests

8 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

32 JavaScript Global Variables

0 Cookies

Indicators

www.bcsbirds.com Open in urlscan Pro
184.168.236.1 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

8
Requests

0 %
HTTPS

0 %
IPv6

4
Domains

4
Subdomains

5
IPs

2
Countries

72 kB
Transfer

90 kB
Size

0
Cookies

8 HTTP transactions
1 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!