www.api.saisoncard.co.jp.htlhh.com
Open in
urlscan Pro
155.94.154.85
Malicious Activity!
Public Scan
Effective URL: https://www.api.saisoncard.co.jp.htlhh.com/auth/screen/index.html
Submission Tags: #phishing @ap_zenmashi Search All
Submission: On September 16 via api from FI — Scanned from JP
Summary
TLS certificate: Issued by R3 on September 16th 2022. Valid for: 3 months.
This is the only time www.api.saisoncard.co.jp.htlhh.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Saison Card (Financial)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 16 | 155.94.154.85 155.94.154.85 | 8100 (ASN-QUADR...) (ASN-QUADRANET-GLOBAL) | |
3 | 2600:1901:0:5... 2600:1901:0:587d:: | 15169 (GOOGLE) (GOOGLE) | |
4 | 2404:6800:400... 2404:6800:4008:c03::80 | 15169 (GOOGLE) (GOOGLE) | |
1 | 210.151.8.173 210.151.8.173 | 4725 (ODN SoftB...) (ODN SoftBank Corp.) | |
23 | 4 |
ASN8100 (ASN-QUADRANET-GLOBAL, US)
PTR: 155.94.154.85.static.quadranet.com
www.api.saisoncard.co.jp.htlhh.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
16 |
htlhh.com
1 redirects
www.api.saisoncard.co.jp.htlhh.com |
69 KB |
4 |
googleapis.com
capy.storage.googleapis.com |
6 KB |
3 |
capy.me
jp.api.capy.me |
162 KB |
1 |
saisoncard.co.jp
api.saisoncard.co.jp |
302 B |
23 | 4 |
Domain | Requested by | |
---|---|---|
16 | www.api.saisoncard.co.jp.htlhh.com |
1 redirects
www.api.saisoncard.co.jp.htlhh.com
|
4 | capy.storage.googleapis.com |
www.api.saisoncard.co.jp.htlhh.com
|
3 | jp.api.capy.me |
www.api.saisoncard.co.jp.htlhh.com
|
1 | api.saisoncard.co.jp |
www.api.saisoncard.co.jp.htlhh.com
|
23 | 4 |
This site contains links to these domains. Also see Links.
Domain |
---|
netanswerplus.saisoncard.co.jp |
www.saisoncard.co.jp |
api.saisoncard.co.jp |
Subject Issuer | Validity | Valid | |
---|---|---|---|
www.api.saisoncard.co.jp.htlhh.com R3 |
2022-09-16 - 2022-12-15 |
3 months | crt.sh |
jp.api.capy.me RapidSSL Global TLS RSA4096 SHA256 2022 CA1 |
2022-08-19 - 2023-09-19 |
a year | crt.sh |
*.storage.googleapis.com GTS CA 1C3 |
2022-08-29 - 2022-11-21 |
3 months | crt.sh |
api.saisoncard.co.jp Cybertrust Japan SureServer EV CA G3 |
2021-12-02 - 2022-12-31 |
a year | crt.sh |
This page contains 3 frames:
Primary Page:
https://www.api.saisoncard.co.jp.htlhh.com/auth/screen/index.html
Frame ID: ACE215A84F03CBF81A1C74C6BDF29D34
Requests: 17 HTTP requests in this frame
Frame:
https://www.api.saisoncard.co.jp.htlhh.com/auth/screen/if.html
Frame ID: 1C0366B1042A74D492318060D6D30E7A
Requests: 5 HTTP requests in this frame
Frame:
https://www.api.saisoncard.co.jp.htlhh.com/auth/screen/img/2202_login_520_230.jpg
Frame ID: 10F8D968985B665646DB56DF586BFDC5
Requests: 1 HTTP requests in this frame
Screenshot
Page Title
SAISON CARD NetアンサーPage URL History Show full URLs
-
https://www.api.saisoncard.co.jp.htlhh.com/
HTTP 302
https://www.api.saisoncard.co.jp.htlhh.com/auth/screen/index.html Page URL
Page Statistics
5 Outgoing links
These are links going to different origins than the main page.
Title: Netアンサー新規登録(無料)
Search URL Search Domain Scan URL
Title: ID・パスワードをお忘れの方
Search URL Search Domain Scan URL
Title: クラブ・オン/ミレニアムカードでログイン
Search URL Search Domain Scan URL
Title: よくあるお問い合わせ
Search URL Search Domain Scan URL
Title: メンテナンス情報
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://www.api.saisoncard.co.jp.htlhh.com/
HTTP 302
https://www.api.saisoncard.co.jp.htlhh.com/auth/screen/index.html Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
23 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
index.html
www.api.saisoncard.co.jp.htlhh.com/auth/screen/ Redirect Chain
|
13 KB 3 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
index.css
www.api.saisoncard.co.jp.htlhh.com/auth/screen/css/ |
18 KB 4 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
layout.css
www.api.saisoncard.co.jp.htlhh.com/auth/screen/css/ |
3 KB 890 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
icon_saison_01.png
www.api.saisoncard.co.jp.htlhh.com/auth/screen/img/ |
4 KB 4 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
key_ani.gif
www.api.saisoncard.co.jp.htlhh.com/auth/resources/img/ |
281 B 281 B |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
jp.api.capy.me/puzzle/get_image/ |
0 166 B |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
update.png
capy.storage.googleapis.com/static/img/ |
705 B 1 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
new_make_captcha_easy.png
capy.storage.googleapis.com/static/img/ |
2 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
guide.png
capy.storage.googleapis.com/static/img/ |
2 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
loading.gif
capy.storage.googleapis.com/static/img/ |
404 B 663 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
jp.api.capy.me/puzzle/get_js/ |
100 KB 100 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
footer_img.png
www.api.saisoncard.co.jp.htlhh.com/auth/screen/img/ |
4 KB 4 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
eye.png
www.api.saisoncard.co.jp.htlhh.com/auth/screen/img/ |
14 KB 14 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
if.html
www.api.saisoncard.co.jp.htlhh.com/auth/screen/ Frame 1C03 |
3 KB 2 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
icon01.gif
www.api.saisoncard.co.jp.htlhh.com/auth/screen/img/ |
2 KB 2 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ie8_btnBG2.png
www.api.saisoncard.co.jp.htlhh.com/auth/screen/img/ |
3 KB 3 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ie8_btnBG.png
www.api.saisoncard.co.jp.htlhh.com/auth/screen/img/ |
4 KB 4 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
jp.api.capy.me/puzzle/get_image/ |
62 KB 62 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
11.css
www.api.saisoncard.co.jp.htlhh.com/auth/screen/css/css/ Frame 1C03 |
2 KB 781 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
window_icon.gif
api.saisoncard.co.jp/html/images/ Frame 1C03 |
86 B 302 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
2202_login_520_230.jpg
www.api.saisoncard.co.jp.htlhh.com/auth/screen/img/ Frame 10F8 |
27 KB 27 KB |
Document
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
h3.gif
www.api.saisoncard.co.jp.htlhh.com/auth/screen/pages/images/ Frame 1C03 |
120 B 189 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ico_arrow.gif
www.api.saisoncard.co.jp.htlhh.com/auth/screen/pages/images/ Frame 1C03 |
197 B 290 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Saison Card (Financial)11 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| onbeforeinput object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation object| puzzleApp1 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
www.api.saisoncard.co.jp.htlhh.com/ | Name: PHPSESSID Value: q4bdk8eq0tlkjv3du8vd5dh5gs |
2 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
api.saisoncard.co.jp
capy.storage.googleapis.com
jp.api.capy.me
www.api.saisoncard.co.jp.htlhh.com
155.94.154.85
210.151.8.173
2404:6800:4008:c03::80
2600:1901:0:587d::
01c58e9fde4e043d29deb9b9f5a09930f7c8300de8fa91f1f08dbcdc56eb8682
046dae1710bdf2c2a11b49acadad79bafc11b086ed2d79e3c1647f129a8b8ddd
07846acd635bd4d4e71458b094cfde4604eec433b8e209306891bf8419fce783
1137d306aca280b4e2829b0afa32a912bfdd90af511daa597eaa6be203e2991f
12affd82cdf651aa717d22fce51ddb1172f7a81a4b0de517e0f5b237096175e5
1789dcf1404df735e1b092397149e73eeaa6d887abe76359b2f1df102c2a2329
1ea256140b93c9b1d60735469415412955c635d4ecb825da02f5c2207818e1c7
1ed19ea7ee0a908c19890a25bf56f01efe45d145f87e8f7f6964a79b8bbcec0b
217d1b91669dd4a21ce0cff140d526b43a3ac1ea5caa5578d5372fde00dadf1d
46b1e9712828ae8ad0dd0b7a6eb8b93aaaf6e014c97a5bf5b194749229f460c0
6527ce1d64e5deae0babf6d43438ea74a8f39d1eda142c92c4a6ada34f4a32f6
6dbfe2e8a966ff6518e842a34478a784dec9c08f2062692ae2e68ad9683c8631
766b9361bba45e02ec03d15b3e2ab80e70525570decb1473dfd6ab8ec49506fe
7829cd82e5b348bd82b5917ab6b4df98a0ca39a30a21d70735cf791e5e8b7bcf
a348c7a8a94430562064f02f77308e3e8bbaf912420b8cd77ad3956bdfbf7df5
a41d45143e94023697405baabba914184fee4de441c3880da7628e08e7fe2632
a485d61bbecaf28799bc489e555e816b61205600d282ac15f2eeb65ff6ee12f9
a6194d4e9e5945813caa5352a2ef667043b9301a440e3900177c781da44ffc38
b0f628c4204263d06e5a028c3f2df7a264df11d2766f7dfc50fe786bebda6df8
b5396b96d122928321773117aad160b5c7e0806334fc1477479123cd4a66683e
d68eb69e7d4ef98bf342eb54391369273ea035615647045c4ce4029616ddb641
da0e225d66db0a3ebf1aa9d3ba389955f3f220836f577830c6d9f12e0f9f2a4c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855