lifecard.jp.sqkxg.top
172.86.126.67
Malicious Activity!
Public Scan
Effective URL: https://lifecard.jp.sqkxg.top//login.php
Submission: On April 05 via automatic, source openphish
Summary
TLS certificate: Issued by R3 on April 4th 2021. Valid for: 3 months.
This is the only time lifecard.jp.sqkxg.top was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Life Card (Financial)
Domain & IP information
Requests | IP Address | AS Autonomous System |
---|---|---|
5 (1 redirect) | 172.86.126.67 | 8100 (ASN-QUADRANET-GLOBAL) |
11 | 95.100.81.61 | 16625 (AKAMAI-AS) |
3 | 54.64.120.121 | 16509 (AMAZON-02) |
18 | 3 | |
ASN8100 (ASN-QUADRANET-GLOBAL, US)
- lifecard.co.jp.jlmnk.com
- lifecard.jp.sqkxg.top
ASN16625 (AKAMAI-AS, US)
PTR: a95-100-81-61.deploy.static.akamaitechnologies.com
- www3.lifecard.co.jp
ASN16509 (AMAZON-02, US)
PTR: ec2-54-64-120-121.ap-northeast-1.compute.amazonaws.com
- navicast.jp
Requests | Apex Domain | Subdomains | Transfer |
---|---|---|---|
11 | lifecard.co.jp | www3.lifecard.co.jp | 22 KB |
4 | sqkxg.top | lifecard.jp.sqkxg.top | 6 KB |
3 | navicast.jp | navicast.jp | 27 KB |
1 | jlmnk.com (1 redirects) | lifecard.co.jp.jlmnk.com | 109 B |
18 | 4 | | |
Requests | Domain | Requested by |
---|---|---|
11 | www3.lifecard.co.jp | lifecard.jp.sqkxg.top |
4 | lifecard.jp.sqkxg.top | lifecard.jp.sqkxg.top |
3 | navicast.jp | lifecard.jp.sqkxg.top, navicast.jp |
1 | lifecard.co.jp.jlmnk.com | 1 redirects |
18 | 4 | |
This site contains links to these domains. Also see Links.
Domain |
---|
www.lifecard.co.jp |
Subject | Issuer | Validity | Valid |
---|---|---|---|
lifecard.jp.sqkxg.top | R3 | 2021-04-04 - 2021-07-03 | 3 months |
www3.lifecard.co.jp | Cybertrust Japan SureServer EV CA G3 | 2021-02-26 - 2022-02-26 | a year |
navicast.jp | Amazon | 2020-12-25 - 2022-01-23 | a year |
This page contains 1 frames:
Primary Page:
https://lifecard.jp.sqkxg.top//login.php
Frame ID: 0A5778C62069A1B7E2E211682C70BBC3
Requests: 18 HTTP requests in this frame
Page URL History
- https://lifecard.co.jp.jlmnk.com/login.php (HTTP 301)
- https://lifecard.jp.sqkxg.top//login.php (Page URL)
Detected technologies
PHP (Programming Languages)
Detected patterns
- url /\.php(?:$|\?)/i
Apache (Web Servers)
Detected patterns
- headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i
Page Statistics
2 Outgoing links
These are links going to different origins than the main page.
Title: After filling in all of the items below, press the [Register] button. *Please note that moving between pages with the toolbar's "Back" or "Forward" buttons will cause an error and your input will be invalidated.
Title: Here
Redirected requests
There were HTTP redirect chains for the following requests:
18 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type |
---|---|---|---|---|---|---|---|
GET | H2 | login.php (Primary Request) | lifecard.jp.sqkxg.top// | 60 KB | 5 KB | Document | text/html |
GET | H/1.1 | www.css | www3.lifecard.co.jp/WebDesk/ext/ | 6 KB | 3 KB | Stylesheet | text/css |
GET | H/1.1 | head_logo.gif | www3.lifecard.co.jp/WebDesk/images/www/new/ | 5 KB | 6 KB | Image | image/gif |
GET | H/1.1 | spacer.gif | www3.lifecard.co.jp/WebDesk/images/www/new/ | 43 B | 498 B | Image | image/gif |
GET | H/1.1 | sub_head_t_btn01.gif | www3.lifecard.co.jp/WebDesk/images/www/new/ | 1 KB | 2 KB | Image | image/gif |
GET | H/1.1 | sub_head_t_btn03.gif | www3.lifecard.co.jp/WebDesk/images/www/new/ | 1 KB | 2 KB | Image | image/gif |
GET | H/1.1 | spacer.gif | www3.lifecard.co.jp/WebDesk/images/www/ | 43 B | 498 B | Image | image/gif |
GET | H/1.1 | bit.gif | www3.lifecard.co.jp/WebDesk/images/www/new/ | 119 B | 474 B | Image | image/gif |
GET | H2 | qr.gif | lifecard.jp.sqkxg.top// | 298 B | 382 B | Image | image/gif |
GET | H/1.1 | common_btn_toj.gif | www3.lifecard.co.jp/WebDesk/images/www/ | 308 B | 663 B | Image | image/gif |
GET | H/1.1 | copy2.gif | www3.lifecard.co.jp/WebDesk/images/www/new/ | 1 KB | 2 KB | Image | image/gif |
GET | H/1.1 | NavicastApi.js | navicast.jp/ | 33 KB | 11 KB | Script | application/javascript |
GET | H2 | ytm.js | lifecard.jp.sqkxg.top/WebDesk/ext/ | 0 | 0 | Script | text/html |
GET | H/1.1 | NavicastApi2.php | navicast.jp/ | 278 B | 771 B | Script | text/javascript |
GET | H/1.1 | NavicastApi2.php | navicast.jp/ | 76 KB | 16 KB | Script | text/javascript |
GET | H2 | ytm.js | lifecard.jp.sqkxg.top/WebDesk/ext/ | 0 | 0 | Script | text/html |
GET | H/1.1 | head_bg_b.gif | www3.lifecard.co.jp/WebDesk/images/www/new/ | 269 B | 624 B | Image | image/gif |
GET | H/1.1 | head_bg.gif | www3.lifecard.co.jp/WebDesk/images/www/new/ | 6 KB | 6 KB | Image | image/gif |
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Life Card (Financial)
17 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
- object| ontransitionrun
- object| ontransitionstart
- object| ontransitioncancel
- object| cookieStore
- function| showDirectoryPicker
- function| showOpenFilePicker
- function| showSaveFilePicker
- object| trustedTypes
- boolean| crossOriginIsolated
- function| classDoublLoad
- function| TMG
- object| tmg
- function| consoleLog
- function| monitoringCompState
- function| NavicastApi
- object| navicastApi
- object| $NC2
Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
lifecard.jp.sqkxg.top/ | | Name: NavicastApi.su Value: 20210405.100855.08321900.35342 |
lifecard.jp.sqkxg.top/ | | Name: NavicastApi Value: 20210405.100855.08321900.35342 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.