xinlijiemi.com
154.198.53.152
Malicious Activity!
Public Scan
Submission: On September 04 via manual from JP — Scanned from JP
Summary
TLS certificate: Issued by R11 (a Let's Encrypt intermediate) on September 3rd 2024, the day before this scan. Valid for: 3 months.
This is the only time xinlijiemi.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: JA Bank (Banking)
Domain & IP information
Requests | IP address | AS (autonomous system)
---|---|---
19 | 154.198.53.152 | AS138995 (ANTBOX1-AS-AP Antbox Networks Limited)
2 | 18.65.185.4 | AS16509 (AMAZON-02)
1 | 2404:6800:4004:825::200e | AS15169 (GOOGLE)
22 requests | 3 IP addresses |

Detail for 18.65.185.4: AS16509 (AMAZON-02, US), PTR server-18-65-185-4.nrt57.r.cloudfront.net, serving www.jabank.jp.
Requests | Apex domain | Subdomains | Transfer
---|---|---|---
19 | xinlijiemi.com | xinlijiemi.com | 333 KB
2 | jabank.jp | www.jabank.jp | 7 KB
1 | youtube.com | www.youtube.com (Cisco Umbrella rank: 84) |
22 requests | 3 apex domains | |
Requests | Domain | Requested by
---|---|---
19 | xinlijiemi.com | xinlijiemi.com
2 | www.jabank.jp | xinlijiemi.com
1 | www.youtube.com | xinlijiemi.com
22 requests | 3 domains |
This site contains links to these domains. Also see Links.
- www.jabank.jp
- www.jabank.org
- www.direct.jabank.jp
- ja-netloan.jp
- map.jabank.org
- www.houjinnet.jabank.jp

All outgoing links point away from the phishing host to jabank.jp / jabank.org properties and ja-netloan.jp; only the login flow itself stays on xinlijiemi.com, which is the usual shape of a cloned login page.
Subject | Issuer | Validity | Valid for | Source
---|---|---|---|---
xinlijiemi.com | R11 (Let's Encrypt) | 2024-09-03 to 2024-12-02 | 3 months | crt.sh
www.jabank.jp | GlobalSign RSA OV SSL CA 2018 | 2024-01-10 to 2025-02-10 | a year | crt.sh
*.google.com | WR2 (Google Trust Services) | 2024-08-05 to 2024-10-28 | 3 months | crt.sh

The phishing host carries a 90-day domain-validated certificate issued one day before the scan, while the real www.jabank.jp carries a one-year organization-validated certificate; a padlock alone tells the victim nothing, since the impostor's certificate is just as valid for its own domain.
This page contains 2 frames:
Primary page: https://xinlijiemi.com/ib/client/select_PC.php/login (frame ID 7CEDD1D8334D6407883D344FD8968A50, 21 HTTP requests)
Frame: https://www.youtube.com/embed/F3FgAALpKFY?rel=0 (frame ID BC69EA75BED400551E44D67FABC582A5, 1 HTTP request)
Page title: JAネットバンク (JA Net Bank)
Detected technologies
Vue.js (JavaScript Frameworks), detected pattern:
- (?:/([\d.]+))?/vue(?:\.min)?\.js
jQuery (JavaScript Libraries), detected patterns:
- jquery[.-]([\d.]*\d)[^/]*\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

The patterns are matched against script URLs; here they hit /ib/js/vue.js (no version in the path) and /ib/js/jquery-3.5.1.js (version 3.5.1 in the filename).
Page Statistics
22 Outgoing links
These are links going to different origins than the main page. Link titles are given in English with the original Japanese link text in parentheses.
- Benefits (メリット)
- Features and services (機能・サービス)
- JA Bank Easy Passbook (JAバンクかんたん通帳)
- Money Forward for JA Bank (マネーフォワード for JAバンク)
- Security (セキュリティ)
- How to use (使い方)
- JA branch search (JA店舗検索)
- Log in without installing this time (今回は導入せずにログインする)
- (untitled link)
- Usable for many purposes as long as the use is decided! Details here (お使い道さえ決まっていれば様々な用途に使える! 詳しくはこちら)
- Freely usable for various purposes! Details here (様々な用途に自由に使える! 詳しくはこちら)
- Find your nearest branch or ATM here. Details here (お近くの店舗・ATMはこちらから 詳しくはこちら)
- Manage your account easily with the JA Bank app! Details here (JAバンクのアプリで口座を簡単管理! 詳しくはこちら)
- Supporting JA Bank customers' household budgeting and asset management. Details here (JAバンクのお客さまの家計・資産管理をサポート 詳しくはこちら)
- For buying a new or used car! Also usable for repairs and vehicle inspections! Details here (新車や中古車の購入に!修理費や車検にも使える! 詳しくはこちら)
- Usable for a wide range of education expenses such as enrollment fees and tuition! Details here (入学金や授業料など幅広い教育資金に使える! 詳しくはこちら)
- Reusable for textbooks, rent for living alone, and more! Details here (教材費やひとり暮らしの家賃など繰り返し使える! 詳しくはこちら)
- Usable for home renovation such as extensions and remodeling! Details here (住宅の増改築・改装などリフォームに使える! 詳しくはこちら)
- Fraudulent transfer prevention A to Z (不正送金防止AtoZ)
- Beware of financial crime (金融犯罪にご注意ください)
- Corporate JA Net Bank (法人JAネットバンク)
- JA Bank (JAバンク)
Redirected requests
There were HTTP redirect chains for the following requests:
22 HTTP transactions

Method | Protocol | Resource | Path | Size | Transferred | Type | MIME type
---|---|---|---|---|---|---|---
GET | HTTP/1.1 | login (primary request) | xinlijiemi.com/ib/client/select_PC.php/ | 1 MB | 57 KB | Document | text/html
GET | HTTP/1.1 | styles.min.css | xinlijiemi.com/ib/css/ | 173 KB | 32 KB | Stylesheet | text/css
GET | HTTP/2 | headlogo.svg | www.jabank.jp/common/re/img/common/ | 4 KB | 2 KB | Image | image/svg+xml
GET | HTTP/2 | F3FgAALpKFY (frame BC69) | www.youtube.com/embed/ | 0 | 0 | Document | text/html
GET | HTTP/1.1 | mv2.jpg | xinlijiemi.com/ib/client/img/ | 148 B | 148 B | Image | text/html
GET | HTTP/1.1 | mv3.jpg | xinlijiemi.com/ib/client/img/ | 148 B | 148 B | Image | text/html
GET | HTTP/1.1 | tamokuteki.gif | xinlijiemi.com/ib/client/img/ | 148 B | 148 B | Image | text/html
GET | HTTP/1.1 | free.gif | xinlijiemi.com/ib/client/img/ | 148 B | 148 B | Image | text/html
GET | HTTP/1.1 | app_maff.png | xinlijiemi.com/ib/client/img/ | 148 B | 148 B | Image | text/html
GET | HTTP/1.1 | atm.gif | xinlijiemi.com/ib/client/img/ | 148 B | 148 B | Image | text/html
GET | HTTP/1.1 | jabnkapp.gif | xinlijiemi.com/ib/client/img/ | 148 B | 148 B | Image | text/html
GET | HTTP/1.1 | moneyforward.gif | xinlijiemi.com/ib/client/img/ | 148 B | 148 B | Image | text/html
GET | HTTP/1.1 | mycar.gif | xinlijiemi.com/ib/client/img/ | 148 B | 148 B | Image | text/html
GET | HTTP/1.1 | kyoiku1.gif | xinlijiemi.com/ib/client/img/ | 148 B | 148 B | Image | text/html
GET | HTTP/1.1 | kyoiku2.gif | xinlijiemi.com/ib/client/img/ | 148 B | 148 B | Image | text/html
GET | HTTP/1.1 | reform.gif | xinlijiemi.com/ib/client/img/ | 148 B | 148 B | Image | text/html
GET | HTTP/1.1 | vue.js | xinlijiemi.com/ib/js/ | 334 KB | 104 KB | Script | application/javascript
GET | HTTP/1.1 | jquery-3.5.1.js | xinlijiemi.com/ib/js/ | 281 KB | 97 KB | Script | application/javascript
GET | HTTP/1.1 | select_pc.js | xinlijiemi.com/ib/js/ | 5 KB | 2 KB | Script | application/javascript
GET | HTTP/1.1 | mod_img_sprite.png | xinlijiemi.com/ib/img/ | 39 KB | 39 KB | Image | image/png
GET | HTTP/1.1 | tabBg.gif | xinlijiemi.com/ib/img/ | 42 B | 489 B | Image | image/gif
GET | HTTP/2 | favicon.ico | www.jabank.jp/ | 4 KB | 5 KB | Other | image/x-icon

"Size" is the decoded resource size and "Transferred" the bytes on the wire (response headers included, which is why tabBg.gif transfers more than it weighs). Two points stand out for triage: the page's logo (headlogo.svg) and favicon are hotlinked from the real www.jabank.jp rather than copied into the kit, and the twelve image requests under xinlijiemi.com/ib/client/img/ (mv2.jpg through reform.gif) all returned identical 148-byte bodies typed text/html instead of image data. The scan does not record those bodies, so whether they are error pages or placeholders is not shown.
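The transaction table above and the "Detected technologies" patterns earlier on the page can be turned into a small triage script. The following is an added example, not urlscan.io code and not part of the original report: the transaction list is constructed from the rows above (a subset of the twelve placeholder images is enough), the "Transferred" column is used for sizes, the brand host set {www.jabank.jp} is supplied by the analyst, and, as the report's "Requested by" column states, every request is assumed to have been initiated by the xinlijiemi.com primary frame.

```python
"""Triage helpers over the HTTP transactions recorded by a urlscan.io scan.

Added example (not urlscan.io code). TRANSACTIONS is constructed from the
rows of the report above; hostnames and sizes are copied from it.
"""
import re
from urllib.parse import urlsplit

# (URL, MIME type, bytes transferred) as shown in the report; the primary frame
# is assumed to have initiated all of them (the report's "Requested by" column).
TRANSACTIONS = [
    ("https://xinlijiemi.com/ib/client/select_PC.php/login", "text/html", 57_000),
    ("https://xinlijiemi.com/ib/css/styles.min.css", "text/css", 32_000),
    ("https://www.jabank.jp/common/re/img/common/headlogo.svg", "image/svg+xml", 2_000),
    ("https://www.youtube.com/embed/F3FgAALpKFY?rel=0", "text/html", 0),
    ("https://xinlijiemi.com/ib/client/img/mv2.jpg", "text/html", 148),
    ("https://xinlijiemi.com/ib/client/img/tamokuteki.gif", "text/html", 148),
    ("https://xinlijiemi.com/ib/client/img/app_maff.png", "text/html", 148),
    ("https://xinlijiemi.com/ib/js/vue.js", "application/javascript", 104_000),
    ("https://xinlijiemi.com/ib/js/jquery-3.5.1.js", "application/javascript", 97_000),
    ("https://xinlijiemi.com/ib/js/select_pc.js", "application/javascript", 2_000),
    ("https://xinlijiemi.com/ib/img/mod_img_sprite.png", "image/png", 39_000),
    ("https://xinlijiemi.com/ib/img/tabBg.gif", "image/gif", 489),
    ("https://www.jabank.jp/favicon.ico", "image/x-icon", 5_000),
]

# The detection patterns exactly as printed under "Detected technologies".
TECH_PATTERNS = {
    "Vue.js": [r"(?:/([\d.]+))?/vue(?:\.min)?\.js"],
    "jQuery": [
        r"jquery[.-]([\d.]*\d)[^/]*\.js",
        r"jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?",
    ],
}

IMAGE_EXTENSIONS = (".jpg", ".jpeg", ".png", ".gif", ".svg", ".ico", ".webp")


def detect_technologies(urls):
    """Map technology name -> version (None when a pattern matched but carried
    no version), for every technology whose pattern hits any request URL."""
    found = {}
    for url in urls:
        for name, patterns in TECH_PATTERNS.items():
            for pattern in patterns:
                m = re.search(pattern, url, re.IGNORECASE)
                if m is None:
                    continue
                version = m.group(1)
                # Keep the first match, but let a later versioned hit upgrade a None.
                if name not in found or (found[name] is None and version):
                    found[name] = version
    return found


def hotlinked_brand_assets(transactions, primary_host, brand_hosts):
    """URLs fetched from the impersonated brand's own hosts while rendering a page
    served from a different host: a cloned login page pulling the real logo and
    favicon is a common phishing-kit tell (and shows up in the brand's own logs)."""
    return [
        url for url, _mime, _size in transactions
        if urlsplit(url).hostname in brand_hosts
        and urlsplit(url).hostname != primary_host
    ]


def image_mime_mismatches(transactions):
    """Image-looking paths that came back as text/html, with the body size, so the
    analyst can spot the identical tiny placeholder responses seen in this scan."""
    hits = []
    for url, mime, size in transactions:
        path = urlsplit(url).path.lower()
        if path.endswith(IMAGE_EXTENSIONS) and mime.startswith("text/html"):
            hits.append((url, size))
    return hits


def triage(transactions, primary_url, brand_hosts):
    """Run all checks and return a dict suitable for a ticket or a JSON report."""
    primary_host = urlsplit(primary_url).hostname
    urls = [t[0] for t in transactions]
    return {
        "primary_host": primary_host,
        "technologies": detect_technologies(urls),
        "hotlinked_brand_assets": hotlinked_brand_assets(transactions, primary_host, brand_hosts),
        "image_mime_mismatches": image_mime_mismatches(transactions),
        "third_party_hosts": sorted({urlsplit(u).hostname for u in urls} - {primary_host}),
    }


if __name__ == "__main__":
    report = triage(TRANSACTIONS,
                    "https://xinlijiemi.com/ib/client/select_PC.php/login",
                    {"www.jabank.jp"})
    for key, value in report.items():
        print(f"{key}: {value}")
```

On the rows from this scan the script reports jQuery 3.5.1 and an unversioned Vue.js, two assets hotlinked from www.jabank.jp, and the 148-byte text/html responses for the image paths; the same checks work unchanged on any other urlscan result once its transaction rows are loaded into TRANSACTIONS.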
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan verdict: Phishing against JA Bank (Banking)

4 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
Type | Name
---|---
object | 0
function | Vue
function | $
function | jQuery

5 Cookies
Cookies are small pieces of information stored in the user's browser. Whenever the user visits the site again, the browser sends the cookie values back, allowing the website to re-identify the user even from a different location. This is how persistent logins work.
Domain/Path | Expires | Name | Value
---|---|---|---
xinlijiemi.com/ | | X-ANTS-WAF-R-C | 0001684969
.youtube.com/ | | YSC | Y-KMIkdXbHs
.youtube.com/ | | VISITOR_INFO1_LIVE | z7cpZfPZxOg
.youtube.com/ | | VISITOR_PRIVACY_METADATA | CgJKUBIEGgAgEg%3D%3D
www.jabank.jp/ | | AWSALBCORS | vIcEdcKFBiPDcWDB/Z76NalUp3vyUG+axYowObejZnxNRdufDPyB3Ku1sTG+bBEEui0PQ4ORRQr+t1Jfbtfj69uCeyf91qBu0abzrX+GmEyKJph52B0OgVrH1J+0

The only cookie set by the phishing host itself is X-ANTS-WAF-R-C; the name suggests a WAF or CDN layer in front of the host, which the scan does not otherwise confirm. The AWSALBCORS cookie comes from the hotlinked www.jabank.jp assets (an AWS load balancer cookie), not from the phishing host.
12 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL | Text
---|---|---|---
Security Headers
This page lists any security headers set by the main page.
Header | Value
---|---
Strict-Transport-Security | max-age=31536000

Only Strict-Transport-Security was observed on the primary response. HSTS on a phishing host is not a sign of legitimacy: any host with a valid certificate can set it, and here it merely pins victims to HTTPS on the impostor's own domain.
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
www.jabank.jp
www.youtube.com
xinlijiemi.com
154.198.53.152
18.65.185.4
2404:6800:4004:825::200e