meijiyasudan.com (216.224.120.234)
Malicious Activity!
Public Scan
Effective URL: https://meijiyasudan.com/index.html
Submission Tags: phishing, meijiyasuda
Submission: On November 15 via api from JP; scanned from JP
Summary
TLS certificate: Issued by Sectigo RSA Domain Validation Secure Server CA on November 15th 2021 (the same day the site was scanned). Valid for: a year. A domain-validated certificate only proves control of the DNS name, so the padlock says nothing about who operates the site.
This is the only time meijiyasudan.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: MEIJI YASUDA LIFE (Insurance)

Domain & IP information

IP Address | AS (Autonomous System) | Requests
---|---|---
216.224.120.234 | AS64050 (BCPL-SG BGPNET Global ASN, SG) | 20 (18 HTTP transactions, 2 redirects)

PTR: j120-234.sjc1.ethr.net

Apex Domain | Subdomains | Transfer | Requests | Redirects
---|---|---|---|---
meijiyasudan.com | meijiyasudan.com | 500 KB | 20 | 2

Domain | Requested by | Requests | Redirects
---|---|---|---
meijiyasudan.com | meijiyasudan.com | 20 | 2

Every request in the scan goes to the single apex domain on the single IP above; no third-party origin is contacted.
This site contains no links.
Subject | Issuer | Validity | Valid for | Transparency log
---|---|---|---|---
meijiyasudan.com | Sectigo RSA Domain Validation Secure Server CA | 2021-11-15 to 2022-11-15 | a year | crt.sh
This page contains 1 frames:
Primary Page:
https://meijiyasudan.com/index.html
Frame ID: BD475E65B281A06533B844B3CB05948D
Requests: 23 HTTP requests in this frame
Screenshot
Page Title
ログイン|MYほけんページ|明治安田生命 (English: "Login | MY Insurance Page | Meiji Yasuda Life")

Page URL History
This captures the URL locations of the website, including HTTP redirects and client-side redirects via JavaScript or meta refresh.
1. https://meijiyasudan.com/ (HTTP 302)
2. https://meijiyasudan.com/fanghong/api/jump.php (HTTP 302)
3. https://meijiyasudan.com/index.html (Page URL)

The landing page is reached only after a server-side hop through a PHP endpoint (jump.php), a common place for a phishing kit to filter visitors before serving the credential form.
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
The only request with an HTTP redirect chain is the primary request (index.html, listed first in the transactions table below): / (302) to /fanghong/api/jump.php (302) to /index.html.
18 HTTP transactions (23 requests in the frame: 18 network transactions plus 5 inline data: URIs)

# | Method | Protocol | Resource | Path | Size | Transfer | Type | MIME type | Note
---|---|---|---|---|---|---|---|---|---
1 | GET | H2 | index.html | meijiyasudan.com/ | 1 KB | 726 B | Document | text/html | Primary request; redirect chain
2 | GET | H2 | app.577beede.css | meijiyasudan.com/css/ | 121 B | 197 B | Stylesheet | text/css |
3 | GET | H2 | chunk-vendors.a16c4353.css | meijiyasudan.com/css/ | 210 KB | 34 KB | Stylesheet | text/css |
4 | GET | H2 | app.fa70ea6f.js | meijiyasudan.com/js/ | 6 KB | 3 KB | Script | application/javascript |
5 | GET | H2 | chunk-vendors.5a39cf06.js | meijiyasudan.com/js/ | 857 KB | 233 KB | Script | application/javascript |
6 | GET | H2 | chunk-3d8e8d42.2b4174e9.css | meijiyasudan.com/css/ | 0 | 1 KB | Other | text/css |
7 | GET | H2 | chunk-50b89cde.e17fbb1c.css | meijiyasudan.com/css/ | 0 | 8 KB | Other | text/css |
8 | GET | H2 | chunk-3821c6c2.9d3bb7a7.js | meijiyasudan.com/js/ | 0 | 11 KB | Other | application/javascript |
9 | GET | H2 | chunk-3d8e8d42.c79f0703.js | meijiyasudan.com/js/ | 0 | 6 KB | Other | application/javascript |
10 | GET | H2 | chunk-50b89cde.31b5388d.js | meijiyasudan.com/js/ | 0 | 3 KB | Other | application/javascript |
11 | GET | H2 | chunk-3821c6c2.9d3bb7a7.js | meijiyasudan.com/js/ | 30 KB | 11 KB | Script | application/javascript |
12 | GET | H2 | chunk-3d8e8d42.2b4174e9.css | meijiyasudan.com/css/ | 6 KB | 1 KB | Stylesheet | text/css |
13 | GET | H2 | chunk-3d8e8d42.c79f0703.js | meijiyasudan.com/js/ | 16 KB | 6 KB | Script | application/javascript |
14 | GET | H2 | banner_chat_pc.55626e0c.png | meijiyasudan.com/img/ | 11 KB | 12 KB | Image | image/png |
15 | GET | H2 | logo_bg_white.35df08ad.png | meijiyasudan.com/img/ | 7 KB | 7 KB | Image | image/png |
16 | GET | H2 | bnr_app_pc.e6a83928.png | meijiyasudan.com/img/ | 74 KB | 74 KB | Image | image/png |
17 | GET | DATA | (truncated) | / | 429 B | 0 | Image | image/png | inline data: URI
18 | GET | DATA | (truncated) | / | 894 B | 0 | Image | image/png | inline data: URI
19 | GET | DATA | (truncated) | / | 482 B | 0 | Image | image/png | inline data: URI
20 | GET | DATA | (truncated) | / | 179 B | 0 | Image | image/png | inline data: URI
21 | GET | DATA | (truncated) | / | 152 B | 0 | Image | image/png | inline data: URI
22 | GET | H2 | sp_line_banner.6ecbcffd.png | meijiyasudan.com/img/ | 86 KB | 86 KB | Image | image/png |
23 | GET | H2 | adobe_img01.972f2d33.png | meijiyasudan.com/img/ | 4 KB | 4 KB | Image | image/png |

Rows 6 to 10 show a size of 0 and type "Other"; three of those files reappear with real sizes as rows 11, 12 and 13 (Script/Stylesheet), consistent with preload or prefetch hints followed by the actual fetch, while the chunk-50b89cde pair (rows 7 and 10) is only hinted and never executed. The app.[hash].js / chunk-vendors.[hash].js naming is the default output of a webpack-based build, which matches the webpackJsonp1 global reported below. Every fetched resource is first-party; the "Size" column is the decoded body and "Transfer" the bytes on the wire.
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan: Phishing against MEIJI YASUDA LIFE (Insurance)

5 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. They can help identify client-side frameworks and code.

Type | Name
---|---
object | onbeforexrselect
function | reportError
boolean | originAgentCluster
object | scheduler
object | webpackJsonp1

Four of the five (onbeforexrselect, reportError, originAgentCluster, scheduler) are properties that recent Chromium builds define on window themselves and show up here only because they postdate the scanner's baseline; webpackJsonp1 is the only global attributable to the page and identifies a webpack bundle.
Cookies
Cookies are small pieces of information stored in the user's browser. Whenever the user visits the site again, the browser sends the cookie values along, allowing the site to re-identify the user even from a different location; this is how persistent logins work.

Domain/Path | Expires | Name | Value
---|---|---|---
meijiyasudan.com/ | (session) | PHPSESSID | ko122a2qftn08b46sg9pikbq05

PHPSESSID is the default PHP session cookie, consistent with the /fanghong/api/jump.php hop in the redirect chain: the front end is a static webpack bundle, but the kit's server side is PHP.
Indicators
This is a term in the security industry for indicators such as IPs, domains, hashes, etc. It does not imply that any of these indicate malicious activity.
meijiyasudan.com
216.224.120.234
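The values on this page (redirect chain, cookie, globals, certificate issuer, indicators) are the raw material for triage. The script below is an added example, not urlscan.io code and not taken from this page: it holds a SCAN record constructed from the figures shown above, a brand watchlist assumed from the "MEIJI YASUDA LIFE" verdict, and an assumed list of browser-defined window properties, and it derives the lookalike-domain, PHP-redirect and framework observations made in the sections above. The edit-distance threshold and the naive "second-level label" rule (no public-suffix list) are assumptions for this example.

```python
from urllib.parse import urlsplit

# Constructed from the values on this scan page (not a urlscan.io API response).
SCAN = {
    "page_url_history": [
        ("https://meijiyasudan.com/", 302),
        ("https://meijiyasudan.com/fanghong/api/jump.php", 302),
        ("https://meijiyasudan.com/index.html", None),  # final status not shown on the page
    ],
    "ip": "216.224.120.234",
    "asn": "AS64050",
    "cert_issuer": "Sectigo RSA Domain Validation Secure Server CA",
    "cookies": [{"domain": "meijiyasudan.com", "name": "PHPSESSID"}],
    "globals": ["onbeforexrselect", "reportError", "originAgentCluster",
                "scheduler", "webpackJsonp1"],
}

# Assumed brand watchlist, taken from the "MEIJI YASUDA LIFE" verdict on this page.
BRAND_LABELS = ["meijiyasuda"]

# Assumed set of window properties that current Chromium builds define themselves;
# anything else reported as a "global" is attributable to the page's own scripts.
BROWSER_GLOBALS = {"onbeforexrselect", "reportError", "originAgentCluster", "scheduler"}


def levenshtein(a: str, b: str) -> int:
    """Edit distance (insert/delete/substitute) between two strings."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]


def registrable_label(host: str) -> str:
    """Second-level label of a hostname. Naive on purpose: without a public-suffix
    list 'example.co.jp' would yield 'co'; adequate for .com hosts like this one."""
    return host.lower().rstrip(".").split(".")[-2]


def lookalike(host: str, brands=BRAND_LABELS, max_distance: int = 2):
    """Closest brand label within max_distance edits as (brand, distance), else None."""
    label = registrable_label(host)
    best = min(((levenshtein(label, b), b) for b in brands), default=None)
    if best is None or best[0] > max_distance:
        return None
    return best[1], best[0]


def redirect_chain(history):
    """Turn the page URL history into (from_url, status, to_url) hops."""
    return [(src, status, dst) for (src, status), (dst, _) in zip(history, history[1:])]


def framework_hints(globals_, browser=BROWSER_GLOBALS):
    """Globals not provided by the browser, and the bundler they suggest."""
    page_defined = [g for g in globals_ if g not in browser]
    hints = sorted({"webpack" for g in page_defined if g.startswith("webpackJsonp")})
    return page_defined, hints


def indicators(scan):
    """Collect network indicators and triage flags from a scan record."""
    hosts = {urlsplit(u).hostname for u, _ in scan["page_url_history"]}
    hops = redirect_chain(scan["page_url_history"])
    flags = []
    for h in sorted(hosts):
        match = lookalike(h)
        if match:
            flags.append(f"{h}: lookalike of brand '{match[0]}' (edit distance {match[1]})")
    if any(c["name"] == "PHPSESSID" for c in scan["cookies"]):
        flags.append("PHPSESSID cookie: PHP session handling on the host")
    if any(urlsplit(src).path.endswith(".php") for src, _, _ in hops):
        flags.append("redirect passes through a .php endpoint before the landing page")
    if "Domain Validation" in scan["cert_issuer"]:
        flags.append("DV certificate: TLS validity says nothing about the operator")
    return {"hosts": sorted(hosts), "ip": scan["ip"], "asn": scan["asn"],
            "hops": hops, "flags": flags}


if __name__ == "__main__":
    for key, value in indicators(SCAN).items():
        print(f"{key}: {value}")
    print("page-defined globals, hints:", framework_hints(SCAN["globals"]))
```

Run it as-is to get the flags for this scan; to reuse it, replace SCAN with the fields pulled from a real urlscan result and extend BRAND_LABELS with the labels you protect. Keep the edit-distance threshold small (1 or 2): a larger one matches unrelated short labels, and a proper deployment should swap registrable_label for a public-suffix-aware parser.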