urlscan.io logo urlscan.io
SecurityTrails logo

mypage.jcom.zaq.aichi.jp Open in urlscan Pro
162.241.127.227  Malicious Activity! Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://mypage.jcom.zaq.aichi.jp/
Effective URL: https://mypage.jcom.zaq.aichi.jp/login.php
Submission: On February 20 via manual from IN — Scanned from JP
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 6 IPs in 3 countries across 8 domains to perform 14 HTTP transactions. The main IP is 162.241.127.227, located in United States and belongs to NETWORK-SOLUTIONS-HOSTING, US. The main domain is mypage.jcom.zaq.aichi.jp.
TLS certificate: Issued by R3 on February 11th 2023. Valid for: 3 months.
This is the only time mypage.jcom.zaq.aichi.jp was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: J:Com (Telecommunication)

Domain & IP information

IP Address AS Autonomous System
1 3 162.241.127.227 19871 (NETWORK-S...)
5 104.17.49.82 13335 (CLOUDFLAR...)
1 13.107.21.200 8068 (MICROSOFT...)
1 161.71.144.13 14340 (SALESFORCE)
1 5 15.197.193.217 16509 (AMAZON-02)
1 18.65.211.119 16509 (AMAZON-02)
2 2 142.251.42.130 15169 (GOOGLE)
2 2 52.74.162.2 16509 (AMAZON-02)
1 1 8.39.36.141 26667 (RUBICONPR...)
14 6
3    162.241.127.227 (United States)

ASN19871 (NETWORK-SOLUTIONS-HOSTING, US)
PTR: 162-241-127-227.webhostbox.net
mypage.jcom.zaq.aichi.jp
5    104.17.49.82 (None, )

ASN13335 (CLOUDFLARENET, US)
auth.id2.zaq.ne.jp
1    13.107.21.200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
bat.bing.com
1    161.71.144.13 (United States)

ASN14340 (SALESFORCE, US)
PTR: sledge-hnd.slb.sfdcsvc.net
cs.myjcom.jp
5    15.197.193.217 (United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com
insight.adsrvr.org
match.adsrvr.org
1    18.65.211.119 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-65-211-119.nrt57.r.cloudfront.net
js.adsrvr.org
2    142.251.42.130 (United States)

ASN15169 (GOOGLE, US)
PTR: nrt12s45-in-f2.1e100.net
cm.g.doubleclick.net
2    52.74.162.2 (Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-74-162-2.ap-southeast-1.compute.amazonaws.com
ups.analytics.yahoo.com
1    8.39.36.141 (Los Angeles, United States)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
Apex Domain
Subdomains		 Transfer
6 adsrvr.org
insight.adsrvr.org — Cisco Umbrella Rank: 568
match.adsrvr.org — Cisco Umbrella Rank: 295
js.adsrvr.org — Cisco Umbrella Rank: 1442
4 KB
5 zaq.ne.jp
auth.id2.zaq.ne.jp
33 KB
3 zaq.aichi.jp
mypage.jcom.zaq.aichi.jp
53 KB
2 yahoo.com
ups.analytics.yahoo.com — Cisco Umbrella Rank: 273
804 B
2 doubleclick.net
cm.g.doubleclick.net — Cisco Umbrella Rank: 205
1 KB
1 rubiconproject.com
pixel.rubiconproject.com — Cisco Umbrella Rank: 316
915 B
1 myjcom.jp
cs.myjcom.jp
1 bing.com
bat.bing.com — Cisco Umbrella Rank: 368
539 B
14 8
Domain Requested by
5 auth.id2.zaq.ne.jp mypage.jcom.zaq.aichi.jp
4 match.adsrvr.org mypage.jcom.zaq.aichi.jp
js.adsrvr.org
3 mypage.jcom.zaq.aichi.jp 1 redirects mypage.jcom.zaq.aichi.jp
2 ups.analytics.yahoo.com 2 redirects
2 cm.g.doubleclick.net 2 redirects
1 pixel.rubiconproject.com 1 redirects
1 js.adsrvr.org match.adsrvr.org
1 insight.adsrvr.org 1 redirects
1 cs.myjcom.jp mypage.jcom.zaq.aichi.jp
1 bat.bing.com mypage.jcom.zaq.aichi.jp
14 10

This site contains no links.

Subject Issuer Validity Valid
mypage.jcom.zaq.aichi.jp
R3		 2023-02-11 -
2023-05-12		 3 months crt.sh
auth.id2.zaq.ne.jp
GlobalSign Extended Validation CA - SHA256 - G3		 2022-11-04 -
2023-12-06		 a year crt.sh
www.bing.com
Microsoft RSA TLS CA 02		 2023-02-16 -
2023-08-16		 6 months crt.sh
cs.myjcom.jp
GlobalSign RSA OV SSL CA 2018		 2022-09-05 -
2023-10-07		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2022-03-31 -
2023-05-02		 a year crt.sh

This page contains 6 frames:

Primary Page: https://mypage.jcom.zaq.aichi.jp/login.php
Frame ID: CA40DB4380C85925BAC3C979E803968E
Requests: 8 HTTP requests in this frame

Frame: https://cs.myjcom.jp/JSS_O_BotEmbededServiceLoginSupport03
Frame ID: FB66EB4A71B32CDB1A7EF222FD7BFA26
Requests: 1 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/upb/?adv=3m1qe2l&ref=https%3A%2F%2Fmypage.jcom.zaq.aichi.jp%2Flogin.php&upid=kfio1ji&upv=1.1.0
Frame ID: F25140E34152468C5A821E4D1D052BBF
Requests: 2 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/google?g_uuid=&gdpr=0&gdpr_consent=&ttd_tdid=9fff9fc4-dad2-485d-8c6f-e19f0ece55a5&google_gid=CAESEJ0cpLnT0evc5RcwrNRQI9c&google_cver=1
Frame ID: 08D73E95B02DAF045AFAEEF7127D4A9F
Requests: 1 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/generic?ttd_pid=rightmedia&yahoo_id=y-1P3LGGhE2uIh1u9mkQNHlhnSD_CZ.As-~A&gdpr=0
Frame ID: 3BE858882EB12DF32D5790026590E82C
Requests: 1 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/rubicon?gdpr=0
Frame ID: ECEF3D4C9CA9C3C227B54454A09584E6
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

ログイン | J:COMパーソナルID | ケーブルテレビ(CATV)のJ:COM

Page URL History Show full URLs

  1. https://mypage.jcom.zaq.aichi.jp/ HTTP 302
    https://mypage.jcom.zaq.aichi.jp/login.php Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • \.php(?:$|\?)
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
Overall confidence: 100%
Detected patterns
  • <link [^>]+(?:/([\d.]+)/)?animate\.(?:min\.)?css
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Page Statistics

14
Requests

100 %
HTTPS

0 %
IPv6

8
Domains

10
Subdomains

6
IPs

3
Countries

90 kB
Transfer

276 kB
Size

10
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://mypage.jcom.zaq.aichi.jp/ HTTP 302
    https://mypage.jcom.zaq.aichi.jp/login.php Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 7
  • https://insight.adsrvr.org/track/up?adv=3m1qe2l&ref=https%3A%2F%2Fmypage.jcom.zaq.aichi.jp%2Flogin.php&upid=kfio1ji&upv=1.1.0 HTTP 302
  • https://match.adsrvr.org/track/upb/?adv=3m1qe2l&ref=https%3A%2F%2Fmypage.jcom.zaq.aichi.jp%2Flogin.php&upid=kfio1ji&upv=1.1.0
Request Chain 10
  • https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_cm&google_sc&google_hm=OWZmZjlmYzQtZGFkMi00ODVkLThjNmYtZTE5ZjBlY2U1NWE1&gdpr=0&gdpr_consent=&ttd_tdid=9fff9fc4-dad2-485d-8c6f-e19f0ece55a5 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_cm=&google_sc=&google_hm=OWZmZjlmYzQtZGFkMi00ODVkLThjNmYtZTE5ZjBlY2U1NWE1&gdpr=0&gdpr_consent=&ttd_tdid=9fff9fc4-dad2-485d-8c6f-e19f0ece55a5&google_tc= HTTP 302
  • https://match.adsrvr.org/track/cmf/google?g_uuid=&gdpr=0&gdpr_consent=&ttd_tdid=9fff9fc4-dad2-485d-8c6f-e19f0ece55a5&google_gid=CAESEJ0cpLnT0evc5RcwrNRQI9c&google_cver=1
Request Chain 11
  • https://ups.analytics.yahoo.com/ups/55953/sync?uid=9fff9fc4-dad2-485d-8c6f-e19f0ece55a5&_origin=1&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://ups.analytics.yahoo.com/ups/55953/sync?uid=9fff9fc4-dad2-485d-8c6f-e19f0ece55a5&_origin=1&redir=true&gdpr=0&gdpr_consent=&verify=true HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=rightmedia&yahoo_id=y-1P3LGGhE2uIh1u9mkQNHlhnSD_CZ.As-~A&gdpr=0
Request Chain 12
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=9fff9fc4-dad2-485d-8c6f-e19f0ece55a5&gdpr=0&gdpr_consent=&expires=30&next=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Frubicon HTTP 302
  • https://match.adsrvr.org/track/cmf/rubicon?gdpr=0

14 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request login.php
mypage.jcom.zaq.aichi.jp/
Redirect Chain
  • https://mypage.jcom.zaq.aichi.jp/
  • https://mypage.jcom.zaq.aichi.jp/login.php
52 KB
52 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://mypage.jcom.zaq.aichi.jp/login.php
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.241.127.227 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS
162-241-127-227.webhostbox.net
Software
Apache /
Resource Hash
43f92eeb8b07cf5b55641924efd02cfb23fb54683500befaf5fb8b764e7083b5

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

Cache-Control
no-store, no-cache, must-revalidate
Connection
Keep-Alive
Content-Type
text/html; charset=UTF-8
Date
Mon, 20 Feb 2023 16:58:39 GMT
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Keep-Alive
timeout=5, max=99
Pragma
no-cache
Server
Apache
Transfer-Encoding
chunked

Redirect headers

Connection
Keep-Alive
Content-Type
text/html; charset=UTF-8
Date
Mon, 20 Feb 2023 16:58:38 GMT
Keep-Alive
timeout=5, max=100
LOCATION
/login.php
Server
Apache
Transfer-Encoding
chunked
font-awesome.css
auth.id2.zaq.ne.jp/css/ 		30 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://auth.id2.zaq.ne.jp/css/font-awesome.css
Requested by
Host: mypage.jcom.zaq.aichi.jp
URL: https://mypage.jcom.zaq.aichi.jp/login.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.49.82 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
452734cb367c3b08ce93d514beffc5c94e2fbc1ce96e3dbfd748d923679fc336

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://mypage.jcom.zaq.aichi.jp/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Mon, 20 Feb 2023 16:58:41 GMT
content-encoding
gzip
via
1.1 c242a437dc6226d46fcad5a8f03d8d80.cloudfront.net (CloudFront)
cf-cache-status
DYNAMIC
last-modified
Tue, 24 Nov 2020 11:57:49 GMT
server
cloudflare
x-amz-cf-pop
NRT57-P4
x-amz-server-side-encryption
AES256
etag
W/"92c07e45f41e1c083bcbffd35fd39699"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
text/css
cf-ray
79c8c9d5ebbee00d-NRT
x-amz-cf-id
Roqo2w42r-BcNu9S8_yFoZbmip1ai948hiNuVMtLUEDg7zibHiNyDQ==
bootstrap-dialog.min.css
auth.id2.zaq.ne.jp/css/ 		2 KB
676 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://auth.id2.zaq.ne.jp/css/bootstrap-dialog.min.css
Requested by
Host: mypage.jcom.zaq.aichi.jp
URL: https://mypage.jcom.zaq.aichi.jp/login.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.49.82 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c2cb5333517974e7fb7209e5447216ddb9a844000687a8cbeed308bea4ee1591

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://mypage.jcom.zaq.aichi.jp/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Mon, 20 Feb 2023 16:58:41 GMT
content-encoding
gzip
via
1.1 0d9c3a04ccebd3e629c5b22a32b50694.cloudfront.net (CloudFront)
cf-cache-status
DYNAMIC
last-modified
Tue, 24 Nov 2020 11:57:49 GMT
server
cloudflare
x-amz-cf-pop
NRT57-P4
x-amz-server-side-encryption
AES256
etag
W/"58dabb2f2003ad8d458ed4cb26c5c645"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
text/css
cf-ray
79c8c9d5ebc0e00d-NRT
x-amz-cf-id
WUoPqY8jHM0_uCxN0Atr78EZjE6_G2yCKmilo6SJYi0zFIvX9ifi3Q==
bootstrap.min.css
auth.id2.zaq.ne.jp/css/ 		119 KB
19 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://auth.id2.zaq.ne.jp/css/bootstrap.min.css
Requested by
Host: mypage.jcom.zaq.aichi.jp
URL: https://mypage.jcom.zaq.aichi.jp/login.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.49.82 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c28eb8900abce3c478234e62390838556d839c10b7073b2ba42bcbae20d6e2fc

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://mypage.jcom.zaq.aichi.jp/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Mon, 20 Feb 2023 16:58:41 GMT
content-encoding
gzip
via
1.1 428e308f6493e8c2a9e7e3b80d632f44.cloudfront.net (CloudFront)
cf-cache-status
DYNAMIC
last-modified
Tue, 24 Nov 2020 11:57:49 GMT
server
cloudflare
x-amz-cf-pop
NRT57-P4
x-amz-server-side-encryption
AES256
etag
W/"bbbac04cb90f77fb07ace4837963a970"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
text/css
cf-ray
79c8c9d5ebc1e00d-NRT
x-amz-cf-id
qrym7oYOQSRbB5ZLRWFb4cBI4nU7Oa7lCTMV72GSgVAJdwkSlmDKlw==
animate.css
auth.id2.zaq.ne.jp/css/ 		71 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://auth.id2.zaq.ne.jp/css/animate.css
Requested by
Host: mypage.jcom.zaq.aichi.jp
URL: https://mypage.jcom.zaq.aichi.jp/login.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.49.82 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d34c3af0d3b74cbb878ca4472668ebae02410ed1bfe8e85b244bb582d1dcb2ea

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://mypage.jcom.zaq.aichi.jp/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Mon, 20 Feb 2023 16:58:41 GMT
content-encoding
gzip
via
1.1 f9832575e3821f4db473b935967c7aaa.cloudfront.net (CloudFront)
cf-cache-status
DYNAMIC
last-modified
Tue, 24 Nov 2020 11:57:49 GMT
server
cloudflare
x-amz-cf-pop
NRT57-P4
x-amz-server-side-encryption
AES256
etag
W/"07f146141537e04ee282a965d8053198"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
text/css
cf-ray
79c8c9d5ebc2e00d-NRT
x-amz-cf-id
PUhn5a1Qn7gxI7vtmQb9l4wMOxKL12SWCdtJlcVzA5u1G49hHB1y6g==
com_logo_01.png
auth.id2.zaq.ne.jp/images/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://auth.id2.zaq.ne.jp/images/com_logo_01.png
Requested by
Host: mypage.jcom.zaq.aichi.jp
URL: https://mypage.jcom.zaq.aichi.jp/login.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.49.82 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
44228825e6c6f97a874fc9ae07a276ae1108194907b9b80a5dd22a389e7591d5

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://mypage.jcom.zaq.aichi.jp/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Mon, 20 Feb 2023 16:58:41 GMT
via
1.1 c242a437dc6226d46fcad5a8f03d8d80.cloudfront.net (CloudFront)
cf-cache-status
DYNAMIC
x-amz-meta-user-agent-id
libra-pid-prd-contents-user@s-445dc7747c8b4750b
x-amz-cf-pop
NRT57-P4
x-amz-server-side-encryption
AES256
x-cache
RefreshHit from cloudfront
content-length
1186
last-modified
Thu, 21 Jan 2021 02:04:14 GMT
server
cloudflare
etag
"c52adc3db2f82f6b31fed5d6c6d88302"
x-amz-meta-user-agent
AWSTransfer
vary
Accept-Encoding
content-type
image/png
accept-ranges
bytes
cf-ray
79c8c9d6ac33e00d-NRT
x-amz-cf-id
UgKOh2ueaBAF-CE-LRAIBtCQiQbwBQUk7S-y8vy49u5nddy9h1z0ig==
0
bat.bing.com/action/ 		0
539 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bat.bing.com/action/0?ti=97007406&tm=gtm002&Ver=2&mid=72d2754e-9cde-462e-8dc8-c0bf1ae34e44&sid=53b09ea0aa2e11ed992e5760752d93cc&vid=53b0cd90aa2e11ed81fb6de8b360990a&vids=0&msclkid=N&pi=918639831&lg=en-US&sw=1680&sh=1050&sc=24&tl=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20J%3ACOM%E3%83%91%E3%83%BC%E3%82%BD%E3%83%8A%E3%83%ABID%20%7C%20%E3%82%B1%E3%83%BC%E3%83%96%E3%83%AB%E3%83%86%E3%83%AC%E3%83%93%EF%BC%88CATV%EF%BC%89%E3%81%AEJ%3ACOM&p=https%3A%2F%2Fmypage.jcom.zaq.aichi.jp%2Flogin.php&r=&lt=157&evt=pageLoad&sv=1&rn=926583
Requested by
Host: mypage.jcom.zaq.aichi.jp
URL: https://mypage.jcom.zaq.aichi.jp/login.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.107.21.200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://mypage.jcom.zaq.aichi.jp/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 20 Feb 2023 16:58:41 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 96C3E30B6AB04F6D841497F41CC167C2 Ref B: TYAEDGE0919 Ref C: 2023-02-20T16:58:41Z
x-cache
CONFIG_NOCACHE
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
expires
Fri, 01 Jan 1990 00:00:00 GMT
JSS_O_BotEmbededServiceLoginSupport03
cs.myjcom.jp/ Frame FB66 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://cs.myjcom.jp/JSS_O_BotEmbededServiceLoginSupport03
Requested by
Host: mypage.jcom.zaq.aichi.jp
URL: https://mypage.jcom.zaq.aichi.jp/login.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
161.71.144.13 , United States, ASN14340 (SALESFORCE, US),
Reverse DNS
sledge-hnd.slb.sfdcsvc.net
Software
sfdcedge / Salesforce.com ApexPages
Resource Hash
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests frame-ancestors 'self' https://*.jcom.co.jp https://*.myjcom.jp https://*.zaq.ne.jp https://auth.id2.zaq.ne.jp https://jcom.my.salesforce.com https://nav1.jcom.co.jp
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Frame-Options ALLOW-FROM 'self'
X-Xss-Protection 0

Request headers

Referer
https://mypage.jcom.zaq.aichi.jp/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

Cache-Control
public,max-age=600
Connection
keep-alive
Content-Encoding
gzip
Content-Security-Policy
upgrade-insecure-requests frame-ancestors 'self' https://*.jcom.co.jp https://*.myjcom.jp https://*.zaq.ne.jp https://auth.id2.zaq.ne.jp https://jcom.my.salesforce.com https://nav1.jcom.co.jp
Content-Type
text/html;charset=UTF-8
Date
Mon, 20 Feb 2023 16:58:43 GMT
Expires
Mon, 20 Feb 2023 17:04:23 GMT
Last-Modified
Mon, 20 Feb 2023 16:54:23 GMT
P3P
CP="CUR OTR STA"
Server
sfdcedge
Strict-Transport-Security
max-age=63072000; includeSubDomains
Transfer-Encoding
chunked
Vary
Accept-Encoding
X-FRAME-OPTIONS
ALLOW-FROM 'self'
X-Powered-By
Salesforce.com ApexPages
X-SFDC-Request-Id
725e2167f68d858dd65906d29f0fb134
X-XSS-Protection
0
/
match.adsrvr.org/track/upb/ Frame F251
Redirect Chain
  • https://insight.adsrvr.org/track/up?adv=3m1qe2l&ref=https%3A%2F%2Fmypage.jcom.zaq.aichi.jp%2Flogin.php&upid=kfio1ji&upv=1.1.0
  • https://match.adsrvr.org/track/upb/?adv=3m1qe2l&ref=https%3A%2F%2Fmypage.jcom.zaq.aichi.jp%2Flogin.php&upid=kfio1ji&upv=1.1.0
927 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/upb/?adv=3m1qe2l&ref=https%3A%2F%2Fmypage.jcom.zaq.aichi.jp%2Flogin.php&upid=kfio1ji&upv=1.1.0
Requested by
Host: mypage.jcom.zaq.aichi.jp
URL: https://mypage.jcom.zaq.aichi.jp/login.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
76ba7aaacf02e23c2ec6c8050814535d77d2d9f73d84d631196efb0c5d33b42f

Request headers

Referer
https://mypage.jcom.zaq.aichi.jp/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

cache-control
private,no-cache, must-revalidate
content-type
text/html; charset=utf-8
date
Mon, 20 Feb 2023 16:58:41 GMT
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma
no-cache
x-aspnet-version
4.0.30319

Redirect headers

cache-control
private,no-cache, must-revalidate
content-type
text/html; charset=utf-8
date
Mon, 20 Feb 2023 16:58:41 GMT
location
https://match.adsrvr.org/track/upb/?adv=3m1qe2l&ref=https%3A%2F%2Fmypage.jcom.zaq.aichi.jp%2Flogin.php&upid=kfio1ji&upv=1.1.0
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma
no-cache
x-aspnet-version
4.0.30319
btn_pagetop.gif
mypage.jcom.zaq.aichi.jp/images/ 		315 B
315 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mypage.jcom.zaq.aichi.jp/images/btn_pagetop.gif
Requested by
Host: mypage.jcom.zaq.aichi.jp
URL: https://mypage.jcom.zaq.aichi.jp/login.php
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.241.127.227 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS
162-241-127-227.webhostbox.net
Software
Apache /
Resource Hash
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://mypage.jcom.zaq.aichi.jp/login.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date
Mon, 20 Feb 2023 16:58:39 GMT
Server
Apache
Connection
Keep-Alive
Keep-Alive
timeout=5, max=98
Content-Length
315
Content-Type
text/html; charset=iso-8859-1
universal_pixel.1.1.0.js
js.adsrvr.org/ Frame F251 		487 B
987 B 		Script
General
Check archive.org
Download Go to
Full URL
https://js.adsrvr.org/universal_pixel.1.1.0.js
Requested by
Host: match.adsrvr.org
URL: https://match.adsrvr.org/track/upb/?adv=3m1qe2l&ref=https%3A%2F%2Fmypage.jcom.zaq.aichi.jp%2Flogin.php&upid=kfio1ji&upv=1.1.0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.65.211.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-65-211-119.nrt57.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f6d7e9dafd1ec463ecd0c6b20f170400dd15afe81c71dea50771550df2f83ffc

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://match.adsrvr.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date
Mon, 20 Feb 2023 00:50:40 GMT
Via
1.1 3f3fb708ebdc38166393802d73c4aee6.cloudfront.net (CloudFront)
Last-Modified
Thu, 24 Sep 2020 15:15:32 GMT
Server
AmazonS3
X-Amz-Cf-Pop
NRT57-P4
Age
58082
ETag
"f0a7a3296da7382ce6bc1a3b6769e927"
Vary
Accept-Encoding
X-Cache
Hit from cloudfront
Content-Type
application/x-javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
487
X-Amz-Cf-Id
iemf7QrrHYLvmKbR_80HI8OMSnjdvFadroZSBAgwQpj7LIq027cpeg==
google
match.adsrvr.org/track/cmf/ Frame 08D7
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_cm&google_sc&google_hm=OWZmZjlmYzQtZGFkMi00ODVkLThjNmYtZTE5ZjBlY2U1NWE1&gdpr=0&gdpr_consent=&ttd_tdid=9fff9fc4-dad2-485d-8c6f-e19f0...
  • https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_cm=&google_sc=&google_hm=OWZmZjlmYzQtZGFkMi00ODVkLThjNmYtZTE5ZjBlY2U1NWE1&gdpr=0&gdpr_consent=&ttd_tdid=9fff9fc4-dad2-485d-8c6f-e19...
  • https://match.adsrvr.org/track/cmf/google?g_uuid=&gdpr=0&gdpr_consent=&ttd_tdid=9fff9fc4-dad2-485d-8c6f-e19f0ece55a5&google_gid=CAESEJ0cpLnT0evc5RcwrNRQI9c&google_cver=1
70 B
586 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/cmf/google?g_uuid=&gdpr=0&gdpr_consent=&ttd_tdid=9fff9fc4-dad2-485d-8c6f-e19f0ece55a5&google_gid=CAESEJ0cpLnT0evc5RcwrNRQI9c&google_cver=1
Requested by
Host: js.adsrvr.org
URL: https://js.adsrvr.org/universal_pixel.1.1.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://match.adsrvr.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

cache-control
private,no-cache, must-revalidate
content-length
70
content-type
image/gif
date
Mon, 20 Feb 2023 16:58:41 GMT
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma
no-cache
x-aspnet-version
4.0.30319

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
386
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 20 Feb 2023 16:58:41 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
location
https://match.adsrvr.org/track/cmf/google?g_uuid=&gdpr=0&gdpr_consent=&ttd_tdid=9fff9fc4-dad2-485d-8c6f-e19f0ece55a5&google_gid=CAESEJ0cpLnT0evc5RcwrNRQI9c&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
HTTP server (unknown)
x-xss-protection
0
generic
match.adsrvr.org/track/cmf/ Frame 3BE8
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/55953/sync?uid=9fff9fc4-dad2-485d-8c6f-e19f0ece55a5&_origin=1&redir=true&gdpr=0&gdpr_consent=
  • https://ups.analytics.yahoo.com/ups/55953/sync?uid=9fff9fc4-dad2-485d-8c6f-e19f0ece55a5&_origin=1&redir=true&gdpr=0&gdpr_consent=&verify=true
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=rightmedia&yahoo_id=y-1P3LGGhE2uIh1u9mkQNHlhnSD_CZ.As-~A&gdpr=0
70 B
586 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=rightmedia&yahoo_id=y-1P3LGGhE2uIh1u9mkQNHlhnSD_CZ.As-~A&gdpr=0
Requested by
Host: js.adsrvr.org
URL: https://js.adsrvr.org/universal_pixel.1.1.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://match.adsrvr.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

cache-control
private,no-cache, must-revalidate
content-length
70
content-type
image/gif
date
Mon, 20 Feb 2023 16:58:42 GMT
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma
no-cache
x-aspnet-version
4.0.30319

Redirect headers

age
0
content-length
0
date
Mon, 20 Feb 2023 16:58:42 GMT
location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=rightmedia&yahoo_id=y-1P3LGGhE2uIh1u9mkQNHlhnSD_CZ.As-~A&gdpr=0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
server
ATS/9.1.10.25
strict-transport-security
max-age=31536000
rubicon
match.adsrvr.org/track/cmf/ Frame ECEF
Redirect Chain
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=9fff9fc4-dad2-485d-8c6f-e19f0ece55a5&gdpr=0&gdpr_consent=&expires=30&next=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Frubicon
  • https://match.adsrvr.org/track/cmf/rubicon?gdpr=0
70 B
586 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/cmf/rubicon?gdpr=0
Requested by
Host: js.adsrvr.org
URL: https://js.adsrvr.org/universal_pixel.1.1.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://match.adsrvr.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

cache-control
private,no-cache, must-revalidate
content-length
70
content-type
image/gif
date
Mon, 20 Feb 2023 16:58:42 GMT
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma
no-cache
x-aspnet-version
4.0.30319

Redirect headers

Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
Expires
0
Location
https://match.adsrvr.org/track/cmf/rubicon?gdpr=0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Pragma
no-cache
X-RPHost
8879d63542e1f07dd8e6d691f6d521da
content-length
0

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: J:Com (Telecommunication)

9 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 boolean| credentialless object| oncontentvisibilityautostatechange string| libraMessageType string| libraMessageText function| hrefHandler undefined| fidoServerBaseUrl function| loadingDone

10 Cookies

Domain/Path Name / Value
mypage.jcom.zaq.aichi.jp/ Name: PHPSESSID
Value: 194c59ff127f24a192bbb682d4ebc1ae
.adsrvr.org/ Name: TDID
Value: 9fff9fc4-dad2-485d-8c6f-e19f0ece55a5
.bing.com/ Name: MUID
Value: 2F7AA89DCB816D1F07C3BA23CA6B6C7C
.bat.bing.com/ Name: MR
Value: 0
.doubleclick.net/ Name: IDE
Value: AHWqTUkEwhBGgKRdVYcsmmjwUxratbE92gLl2LWzYr2AcY7t2MG7cdvENRS7xtQzlcE
.yahoo.com/ Name: A3
Value: d=AQABBMGm82MCEMJDab8k9-_WP1JQA1jbwlIFEgEBAQH49GP9YwAAAAAA_eMAAA&S=AQAAAiPqNbai1ZtZ4I06s_kXWeY
.rubiconproject.com/ Name: khaos
Value: LED2ASNT-2-D4RB
.rubiconproject.com/ Name: audit
Value: 1|oSVK7Gl3LxGtZqpyQ1LNrZ83kdv7wvWm2dSefcQ2vbK3anKsZt6Bl0WCXZK5p9JyRSQlSFbOZEyM1KxoLazIt9i2Wk5FrGos0XY24Ec+XLu/yIgLbVA6xd5IYvOnskC8mJY/mqhvzuO0V9H8OSjYy/V/W7Aj5R00XHRiEbp3BzpbOz6AjJtUa8ZnH3r7x5VAdeodiyl5GGjkt77VmXBK7kiCfUmSYXqD+ohH/uuQN8oOr/S07bYDcYQkZmofZQkSVSwKu1RXSJT0/fhu8/pkBO4VeIulq+4M1TRwmTZWV3Xc6UO785F0Pw==
.analytics.yahoo.com/ Name: IDSYNC
Value: 1769~2a3s
.adsrvr.org/ Name: TDCPM
Value: CAESFQoGZ29vZ2xlEgsI8NrciLjbyTsQBRIZCgpyaWdodG1lZGlhEgsI1quDhbjbyTsQBRIWCgdydWJpY29uEgsI1quDhbjbyTsQBRgFIAMoAzILCNajhrLO28k7EAVCDyINCAESCQoFdGllcjMQAVoHM20xcWUybGAB

2 Console Messages

Source Level URL
Text
network error URL: https://mypage.jcom.zaq.aichi.jp/images/btn_pagetop.gif
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
security error
Message:
Refused to frame 'https://cs.myjcom.jp/' because an ancestor violates the following Content Security Policy directive: "frame-ancestors 'self' https://*.jcom.co.jp https://*.myjcom.jp https://*.zaq.ne.jp https://auth.id2.zaq.ne.jp https://jcom.my.salesforce.com https://nav1.jcom.co.jp".