azopmge.com
Open in
urlscan Pro
23.247.42.161
Malicious Activity!
Public Scan
Effective URL: https://azopmge.com/index.php/index/Login/index.html
Submission: On October 27 via manual from JP — Scanned from JP
Summary
TLS certificate: Issued by R3 on September 19th 2022. Valid for: 3 months.
This is the only time azopmge.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Japan Post (Transportation)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 22 | 23.247.42.161 23.247.42.161 | 46573 (LAYER-HOST) (LAYER-HOST) | |
21 | 1 |
Apex Domain Subdomains |
Transfer | |
---|---|---|
22 |
azopmge.com
1 redirects
azopmge.com |
254 KB |
21 | 1 |
Domain | Requested by | |
---|---|---|
22 | azopmge.com |
1 redirects
azopmge.com
|
21 | 1 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
azopmge.com R3 |
2022-09-19 - 2022-12-18 |
3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://azopmge.com/index.php/index/Login/index.html
Frame ID: 918641D91A1274AED746C11622519313
Requests: 21 HTTP requests in this frame
Screenshot
Page Title
郵便局|日本郵便株式会社Page URL History Show full URLs
- https://azopmge.com/ Page URL
-
https://azopmge.com/index123.php?t=caa7acd2665c41d51c863d238ec5a8bebcc40aa2ddbf10cbca92297b62b7f848
HTTP 302
https://azopmge.com/index.php Page URL
- https://azopmge.com/index.php/index/Login/index.html Page URL
Detected technologies
Akamai Bot Manager (Security) ExpandDetected patterns
jQuery (JavaScript Libraries) Expand
Detected patterns
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- https://azopmge.com/ Page URL
-
https://azopmge.com/index123.php?t=caa7acd2665c41d51c863d238ec5a8bebcc40aa2ddbf10cbca92297b62b7f848
HTTP 302
https://azopmge.com/index.php Page URL
- https://azopmge.com/index.php/index/Login/index.html Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 2- https://azopmge.com/index123.php?t=caa7acd2665c41d51c863d238ec5a8bebcc40aa2ddbf10cbca92297b62b7f848 HTTP 302
- https://azopmge.com/index.php
21 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
/
azopmge.com/ |
1 KB 1005 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
vendor.23238u92u82.js
azopmge.com/vendor/ |
5 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
index.php
azopmge.com/ Redirect Chain
|
108 B 158 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Primary Request
index.html
azopmge.com/index.php/index/Login/ |
10 KB 4 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
61ccss.css
azopmge.com/Amazonsignin_files/ |
136 KB 23 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
01Scss.css
azopmge.com/Amazonsignin_files/ |
51 KB 9 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
11Hcss.css
azopmge.com/Amazonsignin_files/ |
2 KB 873 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
layui.css
azopmge.com/static/js/plugins/layui/css/ |
72 KB 13 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Feng.js
azopmge.com/static/js/common/ |
6 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery.min.js
azopmge.com/static/js/ |
82 KB 29 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
layer.min.js
azopmge.com/static/js/plugins/layer/ |
15 KB 5 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
21Qcss.css
azopmge.com/Amazonsignin_files/ |
84 KB 15 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
219css.css
azopmge.com/Amazonsignin_files/ |
5 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
new-nav-sm-smile-sprite-global-1x_blueheaven._CB485919093_.png
azopmge.com/Amazonsignin_files/ |
11 KB 11 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
1.png
azopmge.com/static/img/ |
4 KB 4 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
3.jpg
azopmge.com/static/img/ |
19 KB 19 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
2.png
azopmge.com/static/img/ |
3 KB 3 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
loading.45b4330.gif
azopmge.com/img/ |
57 KB 57 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
layer.css
azopmge.com/static/js/plugins/layer/skin/ |
11 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
yubin.ttf
azopmge.com/Amazonsignin_files/ |
86 KB 49 KB |
Font
font/ttf |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jilu
azopmge.com/index/login/ |
0 89 B |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Japan Post (Transportation)15 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| onbeforeinput object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation object| Feng function| $ function| jQuery object| layer function| jilu function| checkpost4 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.azopmge.com/ | Name: 62345ba76168db0033ce8ae6a90ce5a762956614 Value: nwcMGFHjQc7nDOZDxhWlbg%3D%3D |
|
.azopmge.com/ | Name: _amkc Value: d2a73180-5c50-4fc8-92fc-e1f9cb9423ee |
|
.azopmge.com/ | Name: ak_bmsc Value: 4zeEvajla5VXwOLAS9VKlmd3PrDVR9DehY0UPRBEsPEgt%2BpOsS0PkLwchMK46pZ8w3nUh%2FbWFuOGsbuBKlTWggKp7t0r9mF9eqtHl2ICT5sOcx3tzCdXtlIm%2FBQLg6oT31xsLIgFKPd9UFCo7RIDLuMLFTGWuToJLNoqaa9tCdsJfam5evilpRNJWuVkhx5dbwfZYJEMwSir7mUIl3CU2BI0N%2BUloIORnNYZbfX6QNg96yA04D0tV9FJtH4IYofFtyhQsoaqW2xpREw2AcbH7ZBfU3Al9yKGdBBQRyEEmi%2FAr2XjUnYaxUVpptL9C%2FHZqDBVX1xMh10SNhsRR0ztdTyDL3G1JrfUzsT7r32wlhyGEdwkvSUvc50lOZ%2F16B%2FwHmEjagnFqmk43vv7h0ci5kdZqGbTd5L0n83BT3H9xQXp3DBU5Ebbmq8GMTZ74%2FlEmN8N1%2BnqSU2WTODu%2Fr3RsRNws1bfxxf58fXtiq%2FFmJdj8M%2BnH514kNGjiUdkwAY4YnzvjVAvBwGD2ZJ60iM%2FqjP4VKFCemOPG6sGPqj80%2F7yH%2B7KfE7bTCFIWLoBfG7p8t%2FZI6JMameXZap%2FMOjpUcy8lxZaROMH9dNW2QtwmIie0FMiSUyuqV8RyEC%2BKFY7JElWgP0Itdo2Zw8c4%2FIQYjR%2BO2KGYU2DG0WcEnGidJzrPuyL0f%2FH3fkmqvE0t5Al9wrYgtBobv6d37YoguhMgTB9an%2Bz76yqoaGbY9n8R%2FM%3D |
|
azopmge.com/ | Name: PHPSESSID Value: c272e51b5ecfb80d203c873a357cb963 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
azopmge.com
23.247.42.161
00469b9e3848f74cce68efe765d38601d77ea9e4d6eb2f1ab8d5974d0c3fe5ad
0373a126902a11dfd9f7b83be3d560500557179040b6455dd1ea5a2c03e19588
3dd3b88f15bf2a7f2457934b61ea0cf4de370c397074443c47f2c0b789bec804
45d7e6d007aa0ff0867b9dbb3e7a365d23120e00ab650fd85dd75b4028c3448a
465c2a9824f70ca7950230859a2ac72673c455d109994e1465fd6f0e2cf27245
54d8c2014cbe07e4568ac71f032501c8954295dfc73240c25a4916a28a312f96
756433c76c09df52de9a89d8887f94d991a291b4e3a6db4a86e9859888f5a54f
8afa0e13c86a1d3d734fca7fcfc18729cea51c1cea92c42f4ac363c7a7262edf
a6ba71883887aa143687e857f428cffae68b942ab6b46ce50a0446eb971d7027
ae9da3c9a568a7b3602dc54e10c324166db3abe1d3a6892770d6ce6a7cc8c1c6
b62740a5165f55700d7e3b8a2386d35e30e7b663438f2a5cfc1108132b01f1db
b81163a7a0df4e956108a2117a43f06a5f10d85eb3198fe5397f293cff9fb22c
c7b89995886b758ade5c75d829e30cea2715c333baab0f2d9db3f5ee703721a1
d33d8560fa8d6654a0848ad85887b0317f6cd6229a55b0f6400ebdd572eda8c9
de4b3c3d1dc2506b6693f0f98884e1dc074cda9d66cab39b7b48a115fdfc4c0f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e56ac82fab1c5b5fa17fbeb9780ff44d748c6702e19a757385d83e1fc36c3c6a
ed2f5ad4422bb3284652f8377ca537f4b0ea17285d01b84d6abba8997b31535f
f5b6e0ff10a1f98ca5f76330837e57d20ca904b94123540bdb966bebff747a89
f6d4c85432899999efbffe2651c5d82d49c907f3764f949f3f348b5ba6e3184e