myjcbcyhssl.com
152.32.204.219 Malicious Activity! Public Scan

Submitted URL: https://myjcb-jp.com/
Effective URL: https://myjcbcyhssl.com/tetsuzuki/login.htm
Submission: On October 27 via manual from JP — Scanned from JP

Summary

This website contacted 2 IPs in 2 countries across 3 domains to perform 5 HTTP transactions. The main IP is 152.32.204.219, located in Tokyo, Japan and belongs to UCLOUD-HK-AS-AP UCLOUD INFORMATION TECHNOLOGY HK LIMITED, HK. The main domain is myjcbcyhssl.com.
TLS certificate: Issued by R11 on October 25th 2024. Valid for: 3 months.
This is the only time myjcbcyhssl.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: JCB (Financial)

Domain & IP information

IP Address        AS (Autonomous System)    Requests
67.199.248.13     396982 (GOOGLE-CL...)     1
152.32.204.219    135377 (UCLOUD-HK...)     4
Total: 5 requests across 2 IPs
Apex Domain       Subdomains          Transfer   Requests
myjcbcyhssl.com   myjcbcyhssl.com     139 KB     4
myjcb-jp.com      myjcb-jp.com        333 B      1
cqkrn.com         myjcb.cqkrn.com     Failed     0
Total: 5 requests across 3 apex domains
Domain            Requested by                  Requests
myjcbcyhssl.com   myjcbcyhssl.com               4
myjcb-jp.com      (entry point, 1 redirect)     1
myjcb.cqkrn.com   Failed                        0
Total: 5 requests across 3 domains

This site contains no links.

Subject           Issuer   Validity                   Valid for
myjcbcyhssl.com   R11      2024-10-25 to 2025-01-23   3 months (crt.sh)

This page contains 1 frames:

Primary Page: https://myjcbcyhssl.com/tetsuzuki/login.htm
Frame ID: 6F8F5313819EA2A1D97D9F86351C47E7
Requests: 9 HTTP requests in this frame

Page Title

JCB members-only web service "MyJCB" (original Japanese title: JCBの会員専用WEBサービス「MyJCB(マイジェーシービー)」)

Detected technologies

Overall confidence: 100%
Detected patterns
  • <[^>]+\sdata-v(?:ue)?-

Page Statistics

Requests: 5
HTTPS: 80 %
IPv6: 0 %
Domains: 3
Subdomains: 3
IPs: 2
Countries: 2
Transfer: 139 kB
Size: 450 kB
Cookies: 0

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://myjcb-jp.com/ HTTP 301
    https://myjcbcyhssl.com/tetsuzuki/login.htm Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

5 HTTP transactions

Each transaction lists: Resource, Path, Size, x-fer (bytes transferred), Type, MIME-Type.

Primary Request: login.htm
Path: myjcbcyhssl.com/tetsuzuki/
Redirect Chain:
  • https://myjcb-jp.com/
  • https://myjcbcyhssl.com/tetsuzuki/login.htm
Size: 45 KB   x-fer: 16 KB   Type: Document

General
Full URL: https://myjcbcyhssl.com/tetsuzuki/login.htm
Protocol: H2
Security: TLS 1.3, AES_256_GCM
Server: 152.32.204.219 Tokyo, Japan, ASN135377 (UCLOUD-HK-AS-AP UCLOUD INFORMATION TECHNOLOGY HK LIMITED, HK)
Reverse DNS: -
Software: nginx
Resource Hash: 5fd78dcdc40f78c883f81d6f56178cbcc470022c1fe5a325248d6d7212cf2db3
Security Headers:
  Strict-Transport-Security: max-age=31536000

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_6 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) CriOS/128.0.6613.92 Mobile/15E148 Safari/604.1

Response headers

content-encoding: gzip
content-type: text/html; charset=utf-8
date: Sun, 27 Oct 2024 09:08:04 GMT
server: nginx
strict-transport-security: max-age=31536000
vary: Accept-Encoding

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 78
content-type: text/html; charset=utf-8
date: Sun, 27 Oct 2024 09:08:03 GMT
location: https://myjcbcyhssl.com/tetsuzuki/login.htm
pragma: no-cache
server: nginx
strict-transport-security: max-age=1209600
via: 1.1 google, 1.1 google
x-frame-options: DENY

Resource: chunk-vendors.7399f969.css
Path: myjcbcyhssl.com/tetsuzuki/JCB1_files/
Size: 349 KB   x-fer: 91 KB   Type: Stylesheet

General
Full URL: https://myjcbcyhssl.com/tetsuzuki/JCB1_files/chunk-vendors.7399f969.css
Requested by: Host: myjcbcyhssl.com, URL: https://myjcbcyhssl.com/tetsuzuki/login.htm
Protocol: H2
Security: TLS 1.3, AES_256_GCM
Server: 152.32.204.219 Tokyo, Japan, ASN135377 (UCLOUD-HK-AS-AP UCLOUD INFORMATION TECHNOLOGY HK LIMITED, HK)
Reverse DNS: -
Software: nginx
Resource Hash: 2efeadfac8e85ef3351a8a4d6dc99e2cfb7fad928ddf214868be4002a94ecd43
Security Headers:
  Strict-Transport-Security: max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_6 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) CriOS/128.0.6613.92 Mobile/15E148 Safari/604.1
Referer: https://myjcbcyhssl.com/tetsuzuki/login.htm

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
date: Sun, 27 Oct 2024 09:08:04 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
server: nginx
last-modified: Mon, 12 Aug 2024 12:26:10 GMT

Resource: app.dccdd228.css
Path: myjcbcyhssl.com/tetsuzuki/JCB1_files/
Size: 17 KB   x-fer: 4 KB   Type: Stylesheet

General
Full URL: https://myjcbcyhssl.com/tetsuzuki/JCB1_files/app.dccdd228.css
Requested by: Host: myjcbcyhssl.com, URL: https://myjcbcyhssl.com/tetsuzuki/login.htm
Protocol: H2
Security: TLS 1.3, AES_256_GCM
Server: 152.32.204.219 Tokyo, Japan, ASN135377 (UCLOUD-HK-AS-AP UCLOUD INFORMATION TECHNOLOGY HK LIMITED, HK)
Reverse DNS: -
Software: nginx
Resource Hash: 01fb796b9941e139cd5c194e6dabfd2b905b9d6625c2d62893cb0affff8ee909
Security Headers:
  Strict-Transport-Security: max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_6 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) CriOS/128.0.6613.92 Mobile/15E148 Safari/604.1
Referer: https://myjcbcyhssl.com/tetsuzuki/login.htm

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
date: Sun, 27 Oct 2024 09:08:04 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
server: nginx
last-modified: Mon, 12 Aug 2024 12:26:10 GMT

Resource: (inline data: URI, truncated)
Path: /
Size: 3 KB   x-fer: 0   Type: Image

General
Full URL: data:truncated
Protocol: DATA
Server: - (inline data: URI, no server contacted)
Reverse DNS: -
Software: -
Resource Hash: dd8e7c6375bd6ccc23582eec91b4f1417b6f582dfc48e40b7ae3a63d7b0ae949

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_6 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) CriOS/128.0.6613.92 Mobile/15E148 Safari/604.1
Referer: -

Response headers

Content-Type: image/png

Resource: (inline data: URI, truncated)
Path: /
Size: 6 KB   x-fer: 0   Type: Image

General
Full URL: data:truncated
Protocol: DATA
Server: - (inline data: URI, no server contacted)
Reverse DNS: -
Software: -
Resource Hash: ded913d8bb8cd42a34881a7fc5169f3faf295cfb7b582c9293c5b223d3568be1

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_6 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) CriOS/128.0.6613.92 Mobile/15E148 Safari/604.1
Referer: -

Response headers

Content-Type: image/png

Resource: (inline data: URI, truncated)
Path: /
Size: 1 KB   x-fer: 0   Type: Image

General
Full URL: data:truncated
Protocol: DATA
Server: - (inline data: URI, no server contacted)
Reverse DNS: -
Software: -
Resource Hash: 6034aa1a5202485c861be5b8b5664b920a6ba8e02f65bea1ba7419ad736145c1

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_6 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) CriOS/128.0.6613.92 Mobile/15E148 Safari/604.1
Referer: -

Response headers

Content-Type: image/png

Resource: (inline data: URI, truncated)
Path: /
Size: 2 KB   x-fer: 0   Type: Image

General
Full URL: data:truncated
Protocol: DATA
Server: - (inline data: URI, no server contacted)
Reverse DNS: -
Software: -
Resource Hash: 93b334e1a1d3b1f7ad60a247c93d72e8d3c03db8b81bc4c4184ad3a3d7ce5b62

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_6 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) CriOS/128.0.6613.92 Mobile/15E148 Safari/604.1
Referer: -

Response headers

Content-Type: image/png

Resource: element-icons.ff18efd1.woff
Path: myjcbcyhssl.com/fonts/
Size: 28 KB   x-fer: 28 KB   Type: Font

General
Full URL: https://myjcbcyhssl.com/fonts/element-icons.ff18efd1.woff
Requested by: Host: myjcbcyhssl.com, URL: https://myjcbcyhssl.com/tetsuzuki/JCB1_files/chunk-vendors.7399f969.css
Protocol: H2
Security: TLS 1.3, AES_256_GCM
Server: 152.32.204.219 Tokyo, Japan, ASN135377 (UCLOUD-HK-AS-AP UCLOUD INFORMATION TECHNOLOGY HK LIMITED, HK)
Reverse DNS: -
Software: nginx
Resource Hash: ab40a58972be2ceab32e7e35dab3131b959aae63835d7bda1a79ae51f9a73c17
Security Headers:
  Strict-Transport-Security: max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_6 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) CriOS/128.0.6613.92 Mobile/15E148 Safari/604.1
Origin: https://myjcbcyhssl.com
Referer: https://myjcbcyhssl.com/tetsuzuki/JCB1_files/chunk-vendors.7399f969.css

Response headers

strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 28200
date: Sun, 27 Oct 2024 09:08:05 GMT
content-type: application/font-woff
last-modified: Mon, 12 Aug 2024 13:10:28 GMT
server: nginx

Resource: favicon.ico
Path: myjcb.cqkrn.com/
Size: 0   x-fer: 0   (request failed, see below)

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: myjcb.cqkrn.com
URL: https://myjcb.cqkrn.com/favicon.ico

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: JCB (Financial)

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

1 Console Messages

Source: network   Level: error
URL: https://myjcb.cqkrn.com/favicon.ico
Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED

Security Headers

This page lists any security headers set by the main page.

Header                      Value
Strict-Transport-Security   max-age=31536000