netstation2-aplus-co-jp.xwyforeverlcw.top Open in urlscan Pro
2606:4700:3036::ac43:c8ec Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://netstation2-aplus-co-jp.xwyforeverlcw.top/
Effective URL:
https://netstation2-aplus-co-jp.xwyforeverlcw.top/login/?openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.aplus.co.jp%2F%3Fref_%3Dnav...
Submission Tags: phishing shinseibank jp financial Search All
Submission: On December 23 via api (December 23rd 2021, 1:37:54 pm UTC) from JP — Scanned from JP

Summary HTTP 14 Redirects Links 12 Behaviour Indicators

Summary

This website contacted 1 IPs in 1 countries across 1 domains to perform 14 HTTP transactions. The main IP is 2606:4700:3036::ac43:c8ec, located in United States and belongs to CLOUDFLARENET, US. The main domain is netstation2-aplus-co-jp.xwyforeverlcw.top.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on December 23rd 2021. Valid for: a year.

This is the only time netstation2-aplus-co-jp.xwyforeverlcw.top was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Aplus (Shinsei Bank) (Financial)

Domain & IP information

	IP Address		AS Autonomous System
1 15	2606:4700:303... 2606:4700:3036::ac43:c8ec		13335 (CLOUDFLAR...) (CLOUDFLARENET)
14	1

15 2606:4700:3036::ac43:c8ec (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

netstation2-aplus-co-jp.xwyforeverlcw.top	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
15	xwyforeverlcw.top 1 redirects netstation2-aplus-co-jp.xwyforeverlcw.top	286 KB
14	1

	Domain	Requested by
15	netstation2-aplus-co-jp.xwyforeverlcw.top	1 redirects netstation2-aplus-co-jp.xwyforeverlcw.top
14	1

This site contains links to these domains. Also see Links.

Domain
www.aplus.co.jp
netstation2.aplus.co.jp
www.facebook.com
twitter.com
www.shinseibank.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-12-23` - `2022-12-22`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://netstation2-aplus-co-jp.xwyforeverlcw.top/login/?openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.aplus.co.jp%2F%3Fref_%3Dnav_em_hd_re_signin&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.assoc_handle=jpflex&openid.mode=checkid_setup&key=a@b.c&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&&ref_=nav_em_hd_clc_signinhttps://www.aplus.co.jp
Frame ID: A1E19DCEE5C0904F84A8C9D15881D734
Requests: 14 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

ログイン | アプラス

Page URL History Show full URLs

https://netstation2-aplus-co-jp.xwyforeverlcw.top/ HTTP 302
https://netstation2-aplus-co-jp.xwyforeverlcw.top/login/?openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.aplus.c... Page URL

Page Statistics

14
Requests

100 %
HTTPS

100 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

285 kB
Transfer

374 kB
Size

1
Cookies

12 Outgoing links

These are links going to different origins than the main page.

URL: http://www.aplus.co.jp/card/douin.html
Title: 新規登録（無料）

Search URL Search Domain Scan URL

URL: http://www.aplus.co.jp/netstation/
Title: NETstation*APLUSについて

Search URL Search Domain Scan URL

URL: https://www.aplus.co.jp/creditcard/netstation/app/

Search URL Search Domain Scan URL

URL: https://netstation2.aplus.co.jp/netstation/idinquiry/

Search URL Search Domain Scan URL

URL: https://www.facebook.com/APLUSNEWS

Search URL Search Domain Scan URL

URL: https://twitter.com/APLUS_NEWS

Search URL Search Domain Scan URL

URL: https://www.aplus.co.jp/go/sns/line/

Search URL Search Domain Scan URL

URL: https://www.aplus.co.jp/creditcard/use/security/3d_secure/

Search URL Search Domain Scan URL

URL: https://www.shinseibank.com/powerflex/cam/cam_1810splus.html?xadid=an_p_aph_spl2109login

Search URL Search Domain Scan URL

URL: http://www.aplus.co.jp/notes/2014/net_station_aplus.html
Title: NET station*APLUSのＩＤ・パスワードの取扱いに関するご注意とお願い

Search URL Search Domain Scan URL

URL: http://www.aplus.co.jp/creditcard/use/security/info03.html#anc05
Title: NET station*APLUSのパスワードの管理は慎重に

Search URL Search Domain Scan URL

URL: http://www.aplus.co.jp/policy/index.html
Title: 個人情報保護方針

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://netstation2-aplus-co-jp.xwyforeverlcw.top/ HTTP 302
https://netstation2-aplus-co-jp.xwyforeverlcw.top/login/?openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.aplus.co.jp%2F%3Fref_%3Dnav_em_hd_re_signin&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.assoc_handle=jpflex&openid.mode=checkid_setup&key=a@b.c&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&&ref_=nav_em_hd_clc_signinhttps://www.aplus.co.jp Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

14 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response netstation2-aplus-co-jp.xwyforeverlcw.top/login/ Redirect Chain https://netstation2-aplus-co-jp.xwyforeverlcw.top/ https://netstation2-aplus-co-jp.xwyforeverlcw.top/login/?openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.aplus.co.jp%2F%3Fref_%3Dnav_em_hd_re_signin&openid.identity=http%3A%2F%2Fspecs...	6 KB 2 KB	229ms 229ms	Document text/html	2606:4700:3036::ac43:c8ec CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://netstation2-aplus-co-jp.xwyforeverlcw.top/login/?openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.aplus.co.jp%2F%3Fref_%3Dnav_em_hd_re_signin&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.assoc_handle=jpflex&openid.mode=checkid_setup&key=a@b.c&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&&ref_=nav_em_hd_clc_signinhttps://www.aplus.co.jp Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3036::ac43:c8ec , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `3d5ecf4670195284ca754b66d2c389bfa692d24ef6e3f54bd4b04443751c8d8f` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Accept-Language jp-JP,jp;q=0.9 Response headers date Thu, 23 Dec 2021 13:37:49 GMT content-type text/html; charset=UTF-8 vary Accept-Encoding expires Thu, 19 Nov 1981 08:52:00 GMT cache-control no-store, no-cache, must-revalidate, post-check=0, pre-check=0 pragma no-cache cf-cache-status DYNAMIC expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WeDtKrZXdrh5bKLu5pZ1RIMxEOvTTCEeqgpf08SrssZEaFcRAQcPQcl4QoJP36%2F%2B3PfqyHbU0mO1UlfoZ74DvaMHq8RtGEwfpelZiVvkDM3uiIVhjGXDulWOlAjiUPlC%2FvsocE%2FmN1c4453gyPqf%2Bu74selRemZyGgjjiNYOIbIKsuoODtHz5w%3D%3D"}],"group":"cf-nel","max_age":604800} nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare cf-ray 6c21fc999db880d7-NRT content-encoding br alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 Redirect headers date Thu, 23 Dec 2021 13:37:49 GMT content-type text/html; charset=UTF-8 location login/?openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.aplus.co.jp%2F%3Fref_%3Dnav_em_hd_re_signin&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.assoc_handle=jpflex&openid.mode=checkid_setup&key=a@b.c&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&&ref_=nav_em_hd_clc_signinhttps://www.aplus.co.jp expires Thu, 19 Nov 1981 08:52:00 GMT cache-control no-store, no-cache, must-revalidate, post-check=0, pre-check=0 pragma no-cache cf-cache-status DYNAMIC expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=M7lwZehjJO5XkPStBqEGgqiQjepiO3KqkzFQXenn8%2B9ZWLVR9nMY0cMaeDGq6EmYYV6EMvMLy%2BLnoXoVRUMMsbwf9hi6e4NZGyg5c%2BrumykjS2GpTn5zH9ZErOgiTqSrRWNAWiqBD0ueqeygJzgqTQQzYVATwxfBkApJl0g4e5VWEpJzq0sivA%3D%3D"}],"group":"cf-nel","max_age":604800} nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare cf-ray 6c21fc95dd9080d7-NRT alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
GET H3	200	style.css netstation2-aplus-co-jp.xwyforeverlcw.top/login/	112 KB 18 KB	31ms 31ms	Stylesheet text/css	2606:4700:3036::ac43:c8ec CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://netstation2-aplus-co-jp.xwyforeverlcw.top/login/style.css Requested by Host: netstation2-aplus-co-jp.xwyforeverlcw.top URL: https://netstation2-aplus-co-jp.xwyforeverlcw.top/login/?openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.aplus.co.jp%2F%3Fref_%3Dnav_em_hd_re_signin&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.assoc_handle=jpflex&openid.mode=checkid_setup&key=a@b.c&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&&ref_=nav_em_hd_clc_signinhttps://www.aplus.co.jp Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3036::ac43:c8ec , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `ca1908037647016e9ca9b5f176bbb92dfff6a3a510a68ce876020c22d9574d10` Request headers Accept-Language jp-JP,jp;q=0.9 Referer https://netstation2-aplus-co-jp.xwyforeverlcw.top/login/?openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.aplus.co.jp%2F%3Fref_%3Dnav_em_hd_re_signin&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.assoc_handle=jpflex&openid.mode=checkid_setup&key=a@b.c&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&&ref_=nav_em_hd_clc_signinhttps://www.aplus.co.jp User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Thu, 23 Dec 2021 13:37:49 GMT content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 4 cf-polished origSize=148845 cf-bgj minify alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 last-modified Fri, 24 Sep 2021 13:35:46 GMT server cloudflare etag W/"614dd432-2456d" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Em5fzxsOQt%2F54yqaO1PVGW3LgDCjD3ZortWdqasX%2BtfUwExc%2FpsD4qjbDyARcqGGQjMXZx4ha05JQr5%2BfVOeBIDRLooirPQP1Lnj0vBrq8dftih9a8Id1oZHmlFyyf5Na0ByXQGRuabl5DP4CzEABEcb1vYY7Cn6kOkI%2B4fLq0cF7h843XWskw%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=43200 cf-ray 6c21fc9b3ceb8a5c-NRT expires Fri, 24 Dec 2021 01:37:45 GMT
GET H3	200	app_pc.jpg netstation2-aplus-co-jp.xwyforeverlcw.top/login/	16 KB 17 KB	15ms 15ms	Image image/jpeg	2606:4700:3036::ac43:c8ec CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://netstation2-aplus-co-jp.xwyforeverlcw.top/login/app_pc.jpg Requested by Host: netstation2-aplus-co-jp.xwyforeverlcw.top URL: https://netstation2-aplus-co-jp.xwyforeverlcw.top/login/?openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.aplus.co.jp%2F%3Fref_%3Dnav_em_hd_re_signin&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.assoc_handle=jpflex&openid.mode=checkid_setup&key=a@b.c&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&&ref_=nav_em_hd_clc_signinhttps://www.aplus.co.jp Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3036::ac43:c8ec , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `3cb885d126f0c2d91d34f9cf958cb68fe5547986e94fad6fa5acbeb62c6023f1` Request headers Accept-Language jp-JP,jp;q=0.9 Referer https://netstation2-aplus-co-jp.xwyforeverlcw.top/login/?openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.aplus.co.jp%2F%3Fref_%3Dnav_em_hd_re_signin&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.assoc_handle=jpflex&openid.mode=checkid_setup&key=a@b.c&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&&ref_=nav_em_hd_clc_signinhttps://www.aplus.co.jp User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Thu, 23 Dec 2021 13:37:49 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 4 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 content-length 16816 last-modified Fri, 24 Sep 2021 13:35:46 GMT server cloudflare etag "614dd432-41b0" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VN%2FgHFVIdarEcBWVO8mJjYes8qzQzJUCzUQgfN9Ax0qWy2X%2Bf1XWmE8NAF%2BD5zhSCNB6%2Fjn007JRITR2DRHPhtjthQqRBBZ1Rho7oBJhohykhYH7TZux3lC7SrelkdGS2WtLprAhJ1dDcuVj10N06qYeGJ7Y4dX%2BJxxlTiFHZ64%2BaDsJTs8%2Fww%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/jpeg cache-control max-age=2592000 accept-ranges bytes cf-ray 6c21fc9b3ced8a5c-NRT expires Sat, 22 Jan 2022 13:37:45 GMT
GET H3	200	remind-2.jpg netstation2-aplus-co-jp.xwyforeverlcw.top/login/	11 KB 12 KB	33ms 32ms	Image image/jpeg	2606:4700:3036::ac43:c8ec CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://netstation2-aplus-co-jp.xwyforeverlcw.top/login/remind-2.jpg Requested by Host: netstation2-aplus-co-jp.xwyforeverlcw.top URL: https://netstation2-aplus-co-jp.xwyforeverlcw.top/login/?openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.aplus.co.jp%2F%3Fref_%3Dnav_em_hd_re_signin&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.assoc_handle=jpflex&openid.mode=checkid_setup&key=a@b.c&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&&ref_=nav_em_hd_clc_signinhttps://www.aplus.co.jp Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3036::ac43:c8ec , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `feffa0caa07987c670cae82d6a1c920bb0a68a2207b8f84e3a18a6ef624a0cbb` Request headers Accept-Language jp-JP,jp;q=0.9 Referer https://netstation2-aplus-co-jp.xwyforeverlcw.top/login/?openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.aplus.co.jp%2F%3Fref_%3Dnav_em_hd_re_signin&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.assoc_handle=jpflex&openid.mode=checkid_setup&key=a@b.c&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&&ref_=nav_em_hd_clc_signinhttps://www.aplus.co.jp User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Thu, 23 Dec 2021 13:37:49 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 4 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 content-length 11667 last-modified Fri, 24 Sep 2021 13:35:46 GMT server cloudflare etag "614dd432-2d93" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vJXZNF%2B2GIiBS34mtvkDwK2eTSLBvsTGAU7wBkg6dHXnPbdjDZ%2Fu%2BCaBViLGeyur8KZwbWppQlwAEtn2xUMv6mD3SXkNoNXzsQ4RreKaxCVDQ3VBDpG65Knsq0EiWQXQlAMBKjduDvGF16d1S8DfXrH5uwNfkuoFjuOmog6Cql856m1bm1OQEQ%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/jpeg cache-control max-age=2592000 accept-ranges bytes cf-ray 6c21fc9b3cf08a5c-NRT expires Sat, 22 Jan 2022 13:37:45 GMT
GET H3	200	bn_facebook.gif netstation2-aplus-co-jp.xwyforeverlcw.top/login/	15 KB 15 KB	34ms 34ms	Image image/gif	2606:4700:3036::ac43:c8ec CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://netstation2-aplus-co-jp.xwyforeverlcw.top/login/bn_facebook.gif Requested by Host: netstation2-aplus-co-jp.xwyforeverlcw.top URL: https://netstation2-aplus-co-jp.xwyforeverlcw.top/login/?openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.aplus.co.jp%2F%3Fref_%3Dnav_em_hd_re_signin&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.assoc_handle=jpflex&openid.mode=checkid_setup&key=a@b.c&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&&ref_=nav_em_hd_clc_signinhttps://www.aplus.co.jp Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3036::ac43:c8ec , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `b923088ea8deadb010739d6c188b3a5128f538df0b4004e4ab8e520d4934b170` Request headers Accept-Language jp-JP,jp;q=0.9 Referer https://netstation2-aplus-co-jp.xwyforeverlcw.top/login/?openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.aplus.co.jp%2F%3Fref_%3Dnav_em_hd_re_signin&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.assoc_handle=jpflex&openid.mode=checkid_setup&key=a@b.c&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&&ref_=nav_em_hd_clc_signinhttps://www.aplus.co.jp User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Thu, 23 Dec 2021 13:37:49 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 4 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 content-length 15199 last-modified Fri, 24 Sep 2021 13:35:46 GMT server cloudflare etag "614dd432-3b5f" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=r%2F4oIIEYiK3AmL9nuhHz%2Fbo6vaRmgs%2F8vS7RDQhc5rw915fHQDvTQIm2FMpnRH2mau7hNoS0AygS6AVO0NjzHUXR8kFwuLvgZaMwK4YLo5omSW4m%2FxmPIJVPr1xFnsy1eOxac06fwREfBNoY0k9N2dBSWD3Z9hkgJDS7uy0aEfUEBWqGk3IgBw%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/gif cache-control max-age=2592000 accept-ranges bytes cf-ray 6c21fc9b3cf38a5c-NRT expires Sat, 22 Jan 2022 13:37:45 GMT
GET H3	200	bn_twitter.gif netstation2-aplus-co-jp.xwyforeverlcw.top/login/	15 KB 15 KB	35ms 34ms	Image image/gif	2606:4700:3036::ac43:c8ec CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://netstation2-aplus-co-jp.xwyforeverlcw.top/login/bn_twitter.gif Requested by Host: netstation2-aplus-co-jp.xwyforeverlcw.top URL: https://netstation2-aplus-co-jp.xwyforeverlcw.top/login/?openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.aplus.co.jp%2F%3Fref_%3Dnav_em_hd_re_signin&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.assoc_handle=jpflex&openid.mode=checkid_setup&key=a@b.c&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&&ref_=nav_em_hd_clc_signinhttps://www.aplus.co.jp Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3036::ac43:c8ec , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `8735828b2e32b3ed356ae4bf91b0d95b464d31716702bbcb472a93d0ab560c01` Request headers Accept-Language jp-JP,jp;q=0.9 Referer https://netstation2-aplus-co-jp.xwyforeverlcw.top/login/?openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.aplus.co.jp%2F%3Fref_%3Dnav_em_hd_re_signin&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.assoc_handle=jpflex&openid.mode=checkid_setup&key=a@b.c&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&&ref_=nav_em_hd_clc_signinhttps://www.aplus.co.jp User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Thu, 23 Dec 2021 13:37:49 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 4 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 content-length 15123 last-modified Fri, 24 Sep 2021 13:35:46 GMT server cloudflare etag "614dd432-3b13" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4RP6z8uxD20kRZlgRtXU0CAvXk9bfT7Z2GlyK5ZhBnUR65nqaXt%2Ff%2FbIrW%2B0MRPYGyR28s0IY%2BTHtTQnZ390F7V8sPPnRMYZ2nnX11D41Wt2ssagUCwL1nxGU3G0wYgmMHMqC72b3d2b%2BPmoey116KpPhhG8KI6ZhJRYjruGKPLfnoID8UpfnQ%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/gif cache-control max-age=2592000 accept-ranges bytes cf-ray 6c21fc9b3cf48a5c-NRT expires Sat, 22 Jan 2022 13:37:45 GMT
GET H3	200	line.gif netstation2-aplus-co-jp.xwyforeverlcw.top/login/	8 KB 8 KB	37ms 36ms	Image image/gif	2606:4700:3036::ac43:c8ec CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://netstation2-aplus-co-jp.xwyforeverlcw.top/login/line.gif Requested by Host: netstation2-aplus-co-jp.xwyforeverlcw.top URL: https://netstation2-aplus-co-jp.xwyforeverlcw.top/login/?openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.aplus.co.jp%2F%3Fref_%3Dnav_em_hd_re_signin&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.assoc_handle=jpflex&openid.mode=checkid_setup&key=a@b.c&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&&ref_=nav_em_hd_clc_signinhttps://www.aplus.co.jp Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3036::ac43:c8ec , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `f59085841b5eff890edddfb58d9507eaa5d2b12f42c68d5254f805450dd3de69` Request headers Accept-Language jp-JP,jp;q=0.9 Referer https://netstation2-aplus-co-jp.xwyforeverlcw.top/login/?openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.aplus.co.jp%2F%3Fref_%3Dnav_em_hd_re_signin&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.assoc_handle=jpflex&openid.mode=checkid_setup&key=a@b.c&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&&ref_=nav_em_hd_clc_signinhttps://www.aplus.co.jp User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Thu, 23 Dec 2021 13:37:49 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 4 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 content-length 7918 last-modified Fri, 24 Sep 2021 13:35:46 GMT server cloudflare etag "614dd432-1eee" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2zKr7Cg2a267BVvDo5Q5bGgIrCbkahJ3BXdLEwZb4rjFOno1F49%2BbyZdOohXkod78c0CZlJnyFKW41DffKx8c3xbUuzFrfEPun0CCd6G623vTIYyPSrjMnjo1%2FYTFKv%2BiYG5CMkrQDgsVsGv6Wjj5ZC%2FqPjy61rtBLfeJ61NdlWmGYf9uW0t%2Bw%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/gif cache-control max-age=2592000 accept-ranges bytes cf-ray 6c21fc9b3cf68a5c-NRT expires Sat, 22 Jan 2022 13:37:45 GMT
GET H3	200	mv_top_shinsei2109.png netstation2-aplus-co-jp.xwyforeverlcw.top/login/	187 KB 188 KB	38ms 37ms	Image image/png	2606:4700:3036::ac43:c8ec CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://netstation2-aplus-co-jp.xwyforeverlcw.top/login/mv_top_shinsei2109.png Requested by Host: netstation2-aplus-co-jp.xwyforeverlcw.top URL: https://netstation2-aplus-co-jp.xwyforeverlcw.top/login/?openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.aplus.co.jp%2F%3Fref_%3Dnav_em_hd_re_signin&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.assoc_handle=jpflex&openid.mode=checkid_setup&key=a@b.c&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&&ref_=nav_em_hd_clc_signinhttps://www.aplus.co.jp Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3036::ac43:c8ec , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `b004c22a0a558c78fde00d5fd42966006ce2df8afa54b2cdb808d4058a8aaeba` Request headers Accept-Language jp-JP,jp;q=0.9 Referer https://netstation2-aplus-co-jp.xwyforeverlcw.top/login/?openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.aplus.co.jp%2F%3Fref_%3Dnav_em_hd_re_signin&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.assoc_handle=jpflex&openid.mode=checkid_setup&key=a@b.c&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&&ref_=nav_em_hd_clc_signinhttps://www.aplus.co.jp User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Thu, 23 Dec 2021 13:37:49 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 4 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 content-length 191923 last-modified Fri, 24 Sep 2021 13:35:46 GMT server cloudflare etag "614dd432-2edb3" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JDqcyIhQB3KAci7yvy5kFqVF6iT1F0QK4WV03wsa0lSsl%2FEPW4o6G6OqDDLLzAaF5xDuEt8XVUDyLW0YIa4bOfok5lyaPChqMnfz9DfvJGlYiLTSSv1FvMqGn83fKS2koh36AMGRTY8f0MwPBrKHPgcXIm%2F%2FVuyPRgYOcPHftTCN9LfwSCipyg%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=2592000 accept-ranges bytes cf-ray 6c21fc9b3cf88a5c-NRT expires Sat, 22 Jan 2022 13:37:45 GMT
GET H3	200	hd-main-bg.png netstation2-aplus-co-jp.xwyforeverlcw.top/login/	79 B 716 B	17ms 17ms	Image image/png	2606:4700:3036::ac43:c8ec CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://netstation2-aplus-co-jp.xwyforeverlcw.top/login/hd-main-bg.png Requested by Host: netstation2-aplus-co-jp.xwyforeverlcw.top URL: https://netstation2-aplus-co-jp.xwyforeverlcw.top/login/style.css Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3036::ac43:c8ec , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `e0a2c557ff82f058d09f93d4ff276190915d21f7ff70155eacb74017e87463a2` Request headers Accept-Language jp-JP,jp;q=0.9 Referer https://netstation2-aplus-co-jp.xwyforeverlcw.top/login/style.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Thu, 23 Dec 2021 13:37:49 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 3 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 content-length 79 last-modified Fri, 24 Sep 2021 13:35:46 GMT server cloudflare etag "614dd432-4f" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DKrpSZQGNUbBDEBCQfWdDfbZhvkcxKIYLD5ptaBNsSmflyrq52CFZ3KA6LXNWbXQ%2BKM%2Bay5iH%2BqaJfSZnKqXNOX9WvVxBd2n4fve0vEeSJbusBDI0fBhNwEX9a0vTzeHQ8HHCzweOWZFURyqXRtuHfsMqjqJi3Hvz3wfVIbFMK5zqd%2F8uCyRxA%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=2592000 accept-ranges bytes cf-ray 6c21fc9b7d778a5c-NRT expires Sat, 22 Jan 2022 13:37:45 GMT
GET H3	200	hd-logo.png netstation2-aplus-co-jp.xwyforeverlcw.top/login/	1 KB 2 KB	17ms 15ms	Image image/png	2606:4700:3036::ac43:c8ec CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://netstation2-aplus-co-jp.xwyforeverlcw.top/login/hd-logo.png Requested by Host: netstation2-aplus-co-jp.xwyforeverlcw.top URL: https://netstation2-aplus-co-jp.xwyforeverlcw.top/login/style.css Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3036::ac43:c8ec , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `b2f5063644a8bf6df9f21bbf528454a2413bce5e01287a940aed548ac5c957e0` Request headers Accept-Language jp-JP,jp;q=0.9 Referer https://netstation2-aplus-co-jp.xwyforeverlcw.top/login/style.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Thu, 23 Dec 2021 13:37:49 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 3 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 content-length 1223 last-modified Fri, 24 Sep 2021 13:35:46 GMT server cloudflare etag "614dd432-4c7" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7ICZe1uGwxl1pemCDwyU2aKkGoAD%2BPQTwJueuUkpmPKMHEa8P3WJVj26yooPc%2BzKONpt9Q0Bn4nQgD8ia6%2FUDFW2eDOWpliDnYCvprNiX5pXIuRNeLYEEjpVBF7BOngAtB9vEi7MdTRkZoivaLmCc8pWkTp0Tif%2BfRgfUB2y5mEl4hEpolzkUg%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=2592000 accept-ranges bytes cf-ray 6c21fc9b7d7f8a5c-NRT expires Sat, 22 Jan 2022 13:37:45 GMT
GET H3	200	gloval-bg.png netstation2-aplus-co-jp.xwyforeverlcw.top/login/	83 B 715 B	16ms 15ms	Image image/png	2606:4700:3036::ac43:c8ec CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://netstation2-aplus-co-jp.xwyforeverlcw.top/login/gloval-bg.png Requested by Host: netstation2-aplus-co-jp.xwyforeverlcw.top URL: https://netstation2-aplus-co-jp.xwyforeverlcw.top/login/style.css Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3036::ac43:c8ec , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `65e17e668c3d58082c325dfba0943414fdce67de6bcbc2f56e2bd56ad74278fa` Request headers Accept-Language jp-JP,jp;q=0.9 Referer https://netstation2-aplus-co-jp.xwyforeverlcw.top/login/style.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Thu, 23 Dec 2021 13:37:49 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 3 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 content-length 83 last-modified Fri, 24 Sep 2021 13:35:46 GMT server cloudflare etag "614dd432-53" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SAK0M8A1nBwQQo2jCdjXE631bBupLgNrNfvegQS%2B4DpXCYymZJygTaS2cI0Op4V6aM1I2VR2Z9jYuiQhwrYlxLE%2BmXGAooXUXKhqEuw7oSFv1S7d3dhQNXl86sREShJ0A3%2BdGnoEtxZgziYXWuV8LOJGHxUqWXEcxWghqIofcgrxBETVQxtRZw%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=2592000 accept-ranges bytes cf-ray 6c21fc9b7d858a5c-NRT expires Sat, 22 Jan 2022 13:37:45 GMT
GET H3	200	icon.png netstation2-aplus-co-jp.xwyforeverlcw.top/login/	997 B 2 KB	14ms 14ms	Image image/png	2606:4700:3036::ac43:c8ec CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://netstation2-aplus-co-jp.xwyforeverlcw.top/login/icon.png Requested by Host: netstation2-aplus-co-jp.xwyforeverlcw.top URL: https://netstation2-aplus-co-jp.xwyforeverlcw.top/login/style.css Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3036::ac43:c8ec , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `0bf85b852f5aa189bd34c2944b5093d14182cfedb62f5f01cd8e4763384c9aaa` Request headers Accept-Language jp-JP,jp;q=0.9 Referer https://netstation2-aplus-co-jp.xwyforeverlcw.top/login/style.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Thu, 23 Dec 2021 13:37:49 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 3 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 content-length 997 last-modified Fri, 24 Sep 2021 13:35:46 GMT server cloudflare etag "614dd432-3e5" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rSitYpIRA9bvfygBoBc4el%2Fr9xG02mMIW7TqQaYEQelzs52%2FZ50XoHmvh1qBLZ3JHK493Wanb7ijcep6c3b2rFQ2J1vjNTe4M%2BCMuCt1QLBnf6WJfX0P0lSZnjdIJw9dQO2qDZWtUDwoZ8n6CExFtTruXKwqHStjOrDO3SUyeYVmlZM4TAihSQ%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=2592000 accept-ranges bytes cf-ray 6c21fc9b7d888a5c-NRT expires Sat, 22 Jan 2022 13:37:45 GMT
GET H3	200	pagetop.png netstation2-aplus-co-jp.xwyforeverlcw.top/login/	1 KB 2 KB	14ms 13ms	Image image/png	2606:4700:3036::ac43:c8ec CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://netstation2-aplus-co-jp.xwyforeverlcw.top/login/pagetop.png Requested by Host: netstation2-aplus-co-jp.xwyforeverlcw.top URL: https://netstation2-aplus-co-jp.xwyforeverlcw.top/login/style.css Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3036::ac43:c8ec , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `4aa74984a49acbbd2b76baf9b9ffdd7578ff355e150c6bbbbf42299d08f17d7c` Request headers Accept-Language jp-JP,jp;q=0.9 Referer https://netstation2-aplus-co-jp.xwyforeverlcw.top/login/style.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Thu, 23 Dec 2021 13:37:49 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 3 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 content-length 1034 last-modified Fri, 24 Sep 2021 13:35:46 GMT server cloudflare etag "614dd432-40a" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aVDxwAAupjEt42rJ%2FKG%2F420RcMqRKM5SchcDy6hffRMuk0MHunk0qiGNv%2BmMSN2%2FXIehwe%2BgYFnlew0r%2FjjbNGzVYmDvjrrZTiJ0%2FwgesCsvzpfX9ZIEeRge6KQ00txaweCZuTHg2LW%2BgKru%2Bm7IUNh209CkgKLbWwKi1CBLzItRDD6OY%2Bkhsg%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=2592000 accept-ranges bytes cf-ray 6c21fc9b7d918a5c-NRT expires Sat, 22 Jan 2022 13:37:45 GMT
GET H3	200	ft-logo.png netstation2-aplus-co-jp.xwyforeverlcw.top/login/	1 KB 2 KB	14ms 14ms	Image image/png	2606:4700:3036::ac43:c8ec CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://netstation2-aplus-co-jp.xwyforeverlcw.top/login/ft-logo.png Requested by Host: netstation2-aplus-co-jp.xwyforeverlcw.top URL: https://netstation2-aplus-co-jp.xwyforeverlcw.top/login/style.css Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3036::ac43:c8ec , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `813a1e9758bb99a4744c6b6b84233b6442b8998ad1a83fc36642425232f44b27` Request headers Accept-Language jp-JP,jp;q=0.9 Referer https://netstation2-aplus-co-jp.xwyforeverlcw.top/login/style.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Thu, 23 Dec 2021 13:37:49 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 3 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 content-length 1094 last-modified Fri, 24 Sep 2021 13:35:46 GMT server cloudflare etag "614dd432-446" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VK4t%2BqYhU5EAiaYLvKK9XclPZrmxovwdAPGH6fWq%2FdVQgy075Nz%2F7rrjIaY9L3lwTo9sCAXT4R9OF2gQYbdyLOAbMWP%2BMNqV630xEw4dvAKVbIYZ51v5RQvvk8zcEKdOt280O3rpClhOK11FBGmR1X9DbFnvfPDehDLxkldq0HEKNdy6HCNDiQ%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=2592000 accept-ranges bytes cf-ray 6c21fc9b7d958a5c-NRT expires Sat, 22 Jan 2022 13:37:46 GMT

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Aplus (Shinsei Bank) (Financial)

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			netstation2-aplus-co-jp.xwyforeverlcw.top/	1969-12-31 23:59:59	Name: PHPSESSID Value: c0a769ur70fek3gchgetg4hp13

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

netstation2-aplus-co-jp.xwyforeverlcw.top
2606:4700:3036::ac43:c8ec
0bf85b852f5aa189bd34c2944b5093d14182cfedb62f5f01cd8e4763384c9aaa
3cb885d126f0c2d91d34f9cf958cb68fe5547986e94fad6fa5acbeb62c6023f1
3d5ecf4670195284ca754b66d2c389bfa692d24ef6e3f54bd4b04443751c8d8f
4aa74984a49acbbd2b76baf9b9ffdd7578ff355e150c6bbbbf42299d08f17d7c
65e17e668c3d58082c325dfba0943414fdce67de6bcbc2f56e2bd56ad74278fa
813a1e9758bb99a4744c6b6b84233b6442b8998ad1a83fc36642425232f44b27
8735828b2e32b3ed356ae4bf91b0d95b464d31716702bbcb472a93d0ab560c01
b004c22a0a558c78fde00d5fd42966006ce2df8afa54b2cdb808d4058a8aaeba
b2f5063644a8bf6df9f21bbf528454a2413bce5e01287a940aed548ac5c957e0
b923088ea8deadb010739d6c188b3a5128f538df0b4004e4ab8e520d4934b170
ca1908037647016e9ca9b5f176bbb92dfff6a3a510a68ce876020c22d9574d10
e0a2c557ff82f058d09f93d4ff276190915d21f7ff70155eacb74017e87463a2
f59085841b5eff890edddfb58d9507eaa5d2b12f42c68d5254f805450dd3de69
feffa0caa07987c670cae82d6a1c920bb0a68a2207b8f84e3a18a6ef624a0cbb

netstation2-aplus-co-jp.xwyforeverlcw.top Open in urlscan Pro 2606:4700:3036::ac43:c8ec Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

14 Requests

100 %HTTPS

100 %IPv6

1 Domains

1 Subdomains

1 IPs

1 Countries

285 kBTransfer

374 kBSize

1 Cookies

12 Outgoing links

Page URL History

Redirected requests

14 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

0 JavaScript Global Variables

1 Cookies

Indicators

netstation2-aplus-co-jp.xwyforeverlcw.top Open in urlscan Pro
2606:4700:3036::ac43:c8ec Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

14
Requests

100 %
HTTPS

100 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

285 kB
Transfer

374 kB
Size

1
Cookies

14 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!