lifecard.jp.sqkxg.top Open in urlscan Pro
172.86.126.67 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://lifecard.co.jp.jlmnk.com/login.php
Effective URL:
https://lifecard.jp.sqkxg.top//login.php
Submission: On April 05 via automatic, source openphish (April 5th 2021, 1:09:11 am UTC)

Summary HTTP 18 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 3 IPs in 3 countries across 4 domains to perform 18 HTTP transactions. The main IP is 172.86.126.67, located in Los Angeles, United States and belongs to ASN-QUADRANET-GLOBAL, US. The main domain is lifecard.jp.sqkxg.top.
TLS certificate: Issued by R3 on April 4th 2021. Valid for: 3 months.

This is the only time lifecard.jp.sqkxg.top was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Life Card (Financial)

Domain & IP information

	IP Address	AS Autonomous System
1 5	172.86.126.67 172.86.126.67	8100 (ASN-QUADR...) (ASN-QUADRANET-GLOBAL)
11	95.100.81.61 95.100.81.61	16625 (AKAMAI-AS) (AKAMAI-AS)
3	54.64.120.121 54.64.120.121	16509 (AMAZON-02) (AMAZON-02)
18	3

5 172.86.126.67 (Los Angeles, United States) 1 redirects

ASN8100 (ASN-QUADRANET-GLOBAL, US)

lifecard.co.jp.jlmnk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
lifecard.jp.sqkxg.top	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 95.100.81.61 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a95-100-81-61.deploy.static.akamaitechnologies.com

www3.lifecard.co.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 54.64.120.121 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-64-120-121.ap-northeast-1.compute.amazonaws.com

navicast.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
11	lifecard.co.jp www3.lifecard.co.jp	22 KB
4	sqkxg.top lifecard.jp.sqkxg.top	6 KB
3	navicast.jp navicast.jp	27 KB
1	jlmnk.com 1 redirects lifecard.co.jp.jlmnk.com	109 B
18	4

	Domain	Requested by
11	www3.lifecard.co.jp	lifecard.jp.sqkxg.top
4	lifecard.jp.sqkxg.top	lifecard.jp.sqkxg.top
3	navicast.jp	lifecard.jp.sqkxg.top navicast.jp
1	lifecard.co.jp.jlmnk.com	1 redirects
18	4

This site contains links to these domains. Also see Links.

Domain
www.lifecard.co.jp

Subject Issuer	Validity	Valid
lifecard.jp.sqkxg.top R3	`2021-04-04` - `2021-07-03`	3 months	crt.sh
www3.lifecard.co.jp Cybertrust Japan SureServer EV CA G3	`2021-02-26` - `2022-02-26`	a year	crt.sh
navicast.jp Amazon	`2020-12-25` - `2022-01-23`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://lifecard.jp.sqkxg.top//login.php
Frame ID: 0A5778C62069A1B7E2E211682C70BBC3
Requests: 18 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://lifecard.co.jp.jlmnk.com/login.php HTTP 301
https://lifecard.jp.sqkxg.top//login.php Page URL

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

url /\.php(?:$|\?)/i

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Page Statistics

18
Requests

100 %
HTTPS

0 %
IPv6

4
Domains

4
Subdomains

3
IPs

3
Countries

55 kB
Transfer

191 kB
Size

2
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: http://www.lifecard.co.jp/wd/webdesk_pop.html
Title: 以下全ての項目にご入力後、[登録]ボタンを押してください。 ※ツールバーの「戻る」、「進む」ボタンなどによりページ移動するとエラーとなり、入力内容が無効となりますのでご注意ください。

Search URL Search Domain Scan URL

URL: http://www.lifecard.co.jp/card_annai/scrt.html
Title: こちら

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://lifecard.co.jp.jlmnk.com/login.php HTTP 301
https://lifecard.jp.sqkxg.top//login.php Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

18 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request login.php Show response
lifecard.jp.sqkxg.top//
Redirect Chain

https://lifecard.co.jp.jlmnk.com/login.php
https://lifecard.jp.sqkxg.top//login.php

60 KB
5 KB

479ms
161ms

Document
text/html

172.86.126.67
ASN-QUADRANET-GLOBAL

General

Check archive.org

Show headers Download Go to

Full URL: https://lifecard.jp.sqkxg.top//login.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 172.86.126.67 Los Angeles, United States, ASN8100 (ASN-QUADRANET-GLOBAL, US),
Reverse DNS
Software: Apache /
Resource Hash: 563418ae7b7321e3d08b8eed12b9deedf05f28041867b696a31e39db45489ccc

Request headers

:method: GET
:authority: lifecard.jp.sqkxg.top
:scheme: https
:path: //login.php
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 05 Apr 2021 01:08:53 GMT
server: Apache
vary: Accept-Encoding
content-encoding: gzip
content-length: 5476
content-type: text/html; charset=UTF-8

Redirect headers

date: Mon, 05 Apr 2021 01:08:52 GMT
server: Apache
location: https://lifecard.jp.sqkxg.top//login.php
content-length: 323
content-type: text/html; charset=iso-8859-1

GET
H/1.1 200
OK www.css
www3.lifecard.co.jp/WebDesk/ext/ 6 KB
3 KB 1481ms
1363ms Stylesheet
text/css 95.100.81.61
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www3.lifecard.co.jp/WebDesk/ext/www.css

Requested by

Host: lifecard.jp.sqkxg.top
URL: https://lifecard.jp.sqkxg.top//login.php

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

95.100.81.61 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a95-100-81-61.deploy.static.akamaitechnologies.com

Software

Resource Hash

b53b2fc9f1c1f194269b90ddbfb2b7a13dc745146ac9c6e5f6de9c5c3d7db62f

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://lifecard.jp.sqkxg.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 05 Apr 2021 01:08:54 GMT
Content-Encoding: gzip
Last-Modified: Wed, 03 Feb 2021 02:46:08 GMT
Server
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
AKAMAI: 95.100.81.61
Content-Language: en
Cache-Control: no-cache,no-store
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: text/css
Content-Length: 2143

GET
H/1.1 200
OK head_logo.gif
www3.lifecard.co.jp/WebDesk/images/www/new/ 5 KB
6 KB 1480ms
1362ms Image
image/gif 95.100.81.61
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www3.lifecard.co.jp/WebDesk/images/www/new/head_logo.gif

Requested by

Host: lifecard.jp.sqkxg.top
URL: https://lifecard.jp.sqkxg.top//login.php

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

95.100.81.61 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a95-100-81-61.deploy.static.akamaitechnologies.com

Software

Resource Hash

b8769871503b1dbb802d5db063bd42d9413b90d031cd5e681b6023c172cee632

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://lifecard.jp.sqkxg.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 05 Apr 2021 01:08:54 GMT
Last-Modified: Wed, 03 Feb 2021 02:50:58 GMT
Server
X-Frame-Options: SAMEORIGIN
AKAMAI: 95.100.81.61
Content-Language: en
Cache-Control: no-cache,no-store
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: image/gif
Content-Length: 5308

GET
H/1.1 200
OK spacer.gif
www3.lifecard.co.jp/WebDesk/images/www/new/ 43 B
498 B 1484ms
1368ms Image
image/gif 95.100.81.61
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www3.lifecard.co.jp/WebDesk/images/www/new/spacer.gif

Requested by

Host: lifecard.jp.sqkxg.top
URL: https://lifecard.jp.sqkxg.top//login.php

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

95.100.81.61 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a95-100-81-61.deploy.static.akamaitechnologies.com

Software

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://lifecard.jp.sqkxg.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 05 Apr 2021 01:08:54 GMT
Last-Modified: Wed, 03 Feb 2021 02:50:22 GMT
Server
X-Frame-Options: SAMEORIGIN
AKAMAI: 95.100.81.61
Content-Language: en
Cache-Control: no-cache,no-store
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: image/gif
Content-Length: 43

GET
H/1.1 200
OK sub_head_t_btn01.gif
www3.lifecard.co.jp/WebDesk/images/www/new/ 1 KB
2 KB 1489ms
1372ms Image
image/gif 95.100.81.61
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www3.lifecard.co.jp/WebDesk/images/www/new/sub_head_t_btn01.gif

Requested by

Host: lifecard.jp.sqkxg.top
URL: https://lifecard.jp.sqkxg.top//login.php

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

95.100.81.61 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a95-100-81-61.deploy.static.akamaitechnologies.com

Software

Resource Hash

62202360fee23ed32e86cebb95a831a3bc7fe0de5de216d74fe7ddb3a9a2c1da

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://lifecard.jp.sqkxg.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 05 Apr 2021 01:08:54 GMT
Last-Modified: Wed, 03 Feb 2021 02:50:22 GMT
Server
X-Frame-Options: SAMEORIGIN
AKAMAI: 95.100.81.61
Content-Language: en
Cache-Control: no-cache,no-store
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: image/gif
Content-Length: 1312

GET
H/1.1 200
OK sub_head_t_btn03.gif
www3.lifecard.co.jp/WebDesk/images/www/new/ 1 KB
2 KB 1491ms
1374ms Image
image/gif 95.100.81.61
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www3.lifecard.co.jp/WebDesk/images/www/new/sub_head_t_btn03.gif

Requested by

Host: lifecard.jp.sqkxg.top
URL: https://lifecard.jp.sqkxg.top//login.php

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

95.100.81.61 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a95-100-81-61.deploy.static.akamaitechnologies.com

Software

Resource Hash

dd24a497f719667aee99c2a8c72a222a24ba57c1c86a9b980e3f1e344b97c142

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://lifecard.jp.sqkxg.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 05 Apr 2021 01:08:54 GMT
Last-Modified: Wed, 03 Feb 2021 02:50:26 GMT
Server
X-Frame-Options: SAMEORIGIN
AKAMAI: 95.100.81.61
Content-Language: en
Cache-Control: no-cache,no-store
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: image/gif
Content-Length: 1485

GET
H/1.1 200
OK spacer.gif
www3.lifecard.co.jp/WebDesk/images/www/ 43 B
498 B 1499ms
1383ms Image
image/gif 95.100.81.61
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www3.lifecard.co.jp/WebDesk/images/www/spacer.gif

Requested by

Host: lifecard.jp.sqkxg.top
URL: https://lifecard.jp.sqkxg.top//login.php

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

95.100.81.61 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a95-100-81-61.deploy.static.akamaitechnologies.com

Software

Resource Hash

89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://lifecard.jp.sqkxg.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 05 Apr 2021 01:08:54 GMT
Last-Modified: Wed, 03 Feb 2021 02:50:12 GMT
Server
X-Frame-Options: SAMEORIGIN
AKAMAI: 95.100.81.61
Content-Language: en
Cache-Control: no-cache,no-store
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: image/gif
Content-Length: 43

GET
H/1.1 200
OK bit.gif
www3.lifecard.co.jp/WebDesk/images/www/new/ 119 B
474 B 317ms
317ms Image
image/gif 95.100.81.61
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www3.lifecard.co.jp/WebDesk/images/www/new/bit.gif

Requested by

Host: lifecard.jp.sqkxg.top
URL: https://lifecard.jp.sqkxg.top//login.php

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

95.100.81.61 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a95-100-81-61.deploy.static.akamaitechnologies.com

Software

Resource Hash

bcead0fd5bef19e75b6a99b40f733bc35bbd0d32bcb902bba12bdb5a3d37d4d8

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://lifecard.jp.sqkxg.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 05 Apr 2021 01:08:55 GMT
X-Pad: avoid browser bug
Last-Modified: Wed, 03 Feb 2021 02:50:42 GMT
Server
X-Frame-Options: SAMEORIGIN
AKAMAI: 95.100.81.61
Content-Language: en
Cache-Control: no-cache,no-store
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: image/gif
Content-Length: 119

GET
H2 200 qr.gif
lifecard.jp.sqkxg.top// 298 B
382 B 161ms
160ms Image
image/gif 172.86.126.67
ASN-QUADRANET-GLOBAL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lifecard.jp.sqkxg.top//qr.gif
Requested by: Host: lifecard.jp.sqkxg.top
URL: https://lifecard.jp.sqkxg.top//login.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 172.86.126.67 Los Angeles, United States, ASN8100 (ASN-QUADRANET-GLOBAL, US),
Reverse DNS
Software: Apache /
Resource Hash: bfbe1ac0335a3d6653413bb3b5e0076924d220b00141f39778b1055998025237

Request headers

Referer: https://lifecard.jp.sqkxg.top//login.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 05 Apr 2021 01:08:53 GMT
last-modified: Mon, 15 Mar 2021 09:01:00 GMT
server: Apache
accept-ranges: bytes
etag: "12a-5bd8f7d142b00"
content-length: 298
content-type: image/gif

GET
H/1.1 200
OK common_btn_toj.gif
www3.lifecard.co.jp/WebDesk/images/www/ 308 B
663 B 302ms
302ms Image
image/gif 95.100.81.61
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www3.lifecard.co.jp/WebDesk/images/www/common_btn_toj.gif

Requested by

Host: lifecard.jp.sqkxg.top
URL: https://lifecard.jp.sqkxg.top//login.php

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

95.100.81.61 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a95-100-81-61.deploy.static.akamaitechnologies.com

Software

Resource Hash

88c1eb46e11112d70877f8754839e5a3b493d3ad5077083563b621605ef91dbb

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://lifecard.jp.sqkxg.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 05 Apr 2021 01:08:55 GMT
X-Pad: avoid browser bug
Last-Modified: Wed, 03 Feb 2021 02:51:16 GMT
Server
X-Frame-Options: SAMEORIGIN
AKAMAI: 95.100.81.61
Content-Language: en
Cache-Control: no-cache,no-store
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: image/gif
Content-Length: 308

GET
H/1.1 200
OK copy2.gif
www3.lifecard.co.jp/WebDesk/images/www/new/ 1 KB
2 KB 304ms
303ms Image
image/gif 95.100.81.61
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www3.lifecard.co.jp/WebDesk/images/www/new/copy2.gif

Requested by

Host: lifecard.jp.sqkxg.top
URL: https://lifecard.jp.sqkxg.top//login.php

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

95.100.81.61 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a95-100-81-61.deploy.static.akamaitechnologies.com

Software

Resource Hash

1ef83776afb759d160707e80b43023775918bd19623931de3768d22976e2b85a

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://lifecard.jp.sqkxg.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 05 Apr 2021 01:08:55 GMT
Last-Modified: Wed, 03 Feb 2021 02:50:18 GMT
Server
X-Frame-Options: SAMEORIGIN
AKAMAI: 95.100.81.61
Content-Language: en
Cache-Control: no-cache,no-store
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: image/gif
Content-Length: 1287

GET
H/1.1 200
OK NavicastApi.js Show response
navicast.jp/ 33 KB
11 KB 999ms
240ms Script
application/javascript 54.64.120.121
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://navicast.jp/NavicastApi.js?lifecard
Requested by: Host: lifecard.jp.sqkxg.top
URL: https://lifecard.jp.sqkxg.top//login.php
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.64.120.121 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-64-120-121.ap-northeast-1.compute.amazonaws.com
Software: Apache /
Resource Hash: d25d197aa0530093051290909c0fa5bc848fdff38e4848b294e0c06ad3b7a18e

Request headers

Referer: https://lifecard.jp.sqkxg.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 05 Apr 2021 01:08:54 GMT
Content-Encoding: gzip
Last-Modified: Mon, 11 Nov 2019 06:30:51 GMT
Server: Apache
Vary: Accept-Encoding,User-Agent
Content-Type: application/javascript
Cache-Control: private, no-cache, no-store, must-revalidate
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 10703

GET
H2 404 ytm.js
lifecard.jp.sqkxg.top/WebDesk/ext/ 0
0 161ms
159ms Script
text/html 172.86.126.67
ASN-QUADRANET-GLOBAL

General

Check archive.org

Show headers Download Go to

Full URL: https://lifecard.jp.sqkxg.top/WebDesk/ext/ytm.js
Requested by: Host: lifecard.jp.sqkxg.top
URL: https://lifecard.jp.sqkxg.top//login.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 172.86.126.67 Los Angeles, United States, ASN8100 (ASN-QUADRANET-GLOBAL, US),
Reverse DNS
Software: Apache /
Resource Hash

Request headers

Referer: https://lifecard.jp.sqkxg.top//login.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 05 Apr 2021 01:08:53 GMT
server: Apache
content-length: 268
content-type: text/html; charset=iso-8859-1

GET
H/1.1 200
OK NavicastApi2.php Show response
navicast.jp/ 278 B
771 B 236ms
236ms Script
text/javascript 54.64.120.121
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://navicast.jp/NavicastApi2.php?mode=log&cookie[name]%20=NavicastApi&cookie[pv]=&cookie[uu]=&cookie[su]=&data[m]=&data[a]=&data[u]=lifecard&data[p]=&data[data]=https%3A//lifecard.jp.sqkxg.top//login.php&sys[url]=https%3A//lifecard.jp.sqkxg.top//login.php&data[msec]=1617584934965
Requested by: Host: navicast.jp
URL: https://navicast.jp/NavicastApi.js?lifecard
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.64.120.121 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-64-120-121.ap-northeast-1.compute.amazonaws.com
Software: Apache /
Resource Hash: b300522e2f788e78e866948d5e98af5b247e914ad831c9d1c63fa8727abd96e4

Request headers

Referer: https://lifecard.jp.sqkxg.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 05 Apr 2021 01:08:55 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding,User-Agent
Access-Control-Allow-Methods: GET
P3P: CP="UNI CUR IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Connection: Keep-Alive
Content-Type: text/javascript;;charset=UTF-8
Keep-Alive: timeout=5, max=99
Content-Length: 127

GET
H/1.1 200
OK NavicastApi2.php Show response
navicast.jp/ 76 KB
16 KB 697ms
460ms Script
text/javascript 54.64.120.121
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://navicast.jp/NavicastApi2.php?mode=js_read&f[]=blacklist.js&f[]=category.js&f[]=api/javascript/lib/library.js&f[]=user/lifecard/url.js&f[]=user/lifecard/product.js&js_after[]=$NC.api.check.product();&data[msec]=1617584934965
Requested by: Host: navicast.jp
URL: https://navicast.jp/NavicastApi.js?lifecard
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.64.120.121 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-64-120-121.ap-northeast-1.compute.amazonaws.com
Software: Apache /
Resource Hash: 4aaa0db8ccad1baad47ae3228096a9e1a32ee0ca3d9c9843c27124808dce28e6

Request headers

Referer: https://lifecard.jp.sqkxg.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 05 Apr 2021 01:08:55 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding,User-Agent
P3P: CP="UNI CUR IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Transfer-Encoding: chunked
Connection: Keep-Alive
Content-Type: text/javascript; charset=UTF-8
Keep-Alive: timeout=5, max=98

GET
H2 404 ytm.js
lifecard.jp.sqkxg.top/WebDesk/ext/ 0
0 156ms
155ms Script
text/html 172.86.126.67
ASN-QUADRANET-GLOBAL

General

Check archive.org

Show headers Download Go to

Full URL: https://lifecard.jp.sqkxg.top/WebDesk/ext/ytm.js
Requested by: Host: lifecard.jp.sqkxg.top
URL: https://lifecard.jp.sqkxg.top//login.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 172.86.126.67 Los Angeles, United States, ASN8100 (ASN-QUADRANET-GLOBAL, US),
Reverse DNS
Software: Apache /
Resource Hash

Request headers

Referer: https://lifecard.jp.sqkxg.top//login.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 05 Apr 2021 01:08:55 GMT
server: Apache
content-length: 268
content-type: text/html; charset=iso-8859-1

GET
H/1.1 200
OK head_bg_b.gif
www3.lifecard.co.jp/WebDesk/images/www/new/ 269 B
624 B 278ms
278ms Image
image/gif 95.100.81.61
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www3.lifecard.co.jp/WebDesk/images/www/new/head_bg_b.gif

Requested by

Host: lifecard.jp.sqkxg.top
URL: https://lifecard.jp.sqkxg.top//login.php

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

95.100.81.61 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a95-100-81-61.deploy.static.akamaitechnologies.com

Software

Resource Hash

604061184a6fee90268e9d46fcf7ae19ad06a55cd3b69748d6fcbcafb553a5e3

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://lifecard.jp.sqkxg.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 05 Apr 2021 01:08:55 GMT
X-Pad: avoid browser bug
Last-Modified: Wed, 03 Feb 2021 02:50:42 GMT
Server
X-Frame-Options: SAMEORIGIN
AKAMAI: 95.100.81.61
Content-Language: en
Cache-Control: no-cache,no-store
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: image/gif
Content-Length: 269

GET
H/1.1 200
OK head_bg.gif
www3.lifecard.co.jp/WebDesk/images/www/new/ 6 KB
6 KB 283ms
283ms Image
image/gif 95.100.81.61
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www3.lifecard.co.jp/WebDesk/images/www/new/head_bg.gif

Requested by

Host: lifecard.jp.sqkxg.top
URL: https://lifecard.jp.sqkxg.top//login.php

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

95.100.81.61 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a95-100-81-61.deploy.static.akamaitechnologies.com

Software

Resource Hash

0288e54eb3bdfb2e8e9fba11c24219feaf99e40e3fa26bc6ecda274ef69bb938

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://lifecard.jp.sqkxg.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 05 Apr 2021 01:08:55 GMT
Last-Modified: Wed, 03 Feb 2021 02:50:18 GMT
Server
X-Frame-Options: SAMEORIGIN
AKAMAI: 95.100.81.61
Content-Language: en
Cache-Control: no-cache,no-store
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: image/gif
Content-Length: 5837

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Life Card (Financial)

17 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			lifecard.jp.sqkxg.top/	1970-01-19 17:19:48	Name: NavicastApi.su Value: 20210405.100855.08321900.35342
			lifecard.jp.sqkxg.top/	1970-01-20 02:05:20	Name: NavicastApi Value: 20210405.100855.08321900.35342

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

lifecard.co.jp.jlmnk.com
lifecard.jp.sqkxg.top
navicast.jp
www3.lifecard.co.jp
172.86.126.67
54.64.120.121
95.100.81.61
0288e54eb3bdfb2e8e9fba11c24219feaf99e40e3fa26bc6ecda274ef69bb938
1ef83776afb759d160707e80b43023775918bd19623931de3768d22976e2b85a
4aaa0db8ccad1baad47ae3228096a9e1a32ee0ca3d9c9843c27124808dce28e6
563418ae7b7321e3d08b8eed12b9deedf05f28041867b696a31e39db45489ccc
604061184a6fee90268e9d46fcf7ae19ad06a55cd3b69748d6fcbcafb553a5e3
62202360fee23ed32e86cebb95a831a3bc7fe0de5de216d74fe7ddb3a9a2c1da
88c1eb46e11112d70877f8754839e5a3b493d3ad5077083563b621605ef91dbb
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b300522e2f788e78e866948d5e98af5b247e914ad831c9d1c63fa8727abd96e4
b53b2fc9f1c1f194269b90ddbfb2b7a13dc745146ac9c6e5f6de9c5c3d7db62f
b8769871503b1dbb802d5db063bd42d9413b90d031cd5e681b6023c172cee632
bcead0fd5bef19e75b6a99b40f733bc35bbd0d32bcb902bba12bdb5a3d37d4d8
bfbe1ac0335a3d6653413bb3b5e0076924d220b00141f39778b1055998025237
d25d197aa0530093051290909c0fa5bc848fdff38e4848b294e0c06ad3b7a18e
dd24a497f719667aee99c2a8c72a222a24ba57c1c86a9b980e3f1e344b97c142

lifecard.jp.sqkxg.top Open in urlscan Pro 172.86.126.67 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

18 Requests

100 %HTTPS

0 %IPv6

4 Domains

4 Subdomains

3 IPs

3 Countries

55 kBTransfer

191 kBSize

2 Cookies

2 Outgoing links

Page URL History

Redirected requests

18 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

17 JavaScript Global Variables

2 Cookies

Indicators

lifecard.jp.sqkxg.top Open in urlscan Pro
172.86.126.67 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

18
Requests

100 %
HTTPS

0 %
IPv6

4
Domains

4
Subdomains

3
IPs

3
Countries

55 kB
Transfer

191 kB
Size

2
Cookies

18 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!