www.admin-jr-update.xlmvddr.cn Open in urlscan Pro
147.78.242.70 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://www.admin-jr-update.xlmvddr.cn/
Effective URL:
https://www.admin-jr-update.xlmvddr.cn/index/index/login.html
Submission: On June 05 via manual (June 5th 2022, 7:58:14 am UTC) from JP — Scanned from JP

Summary HTTP 24 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 2 IPs in 1 countries across 2 domains to perform 24 HTTP transactions. The main IP is 147.78.242.70, located in Tokyo, Japan and belongs to OWL-AS-AP Owl Limited, VU. The main domain is www.admin-jr-update.xlmvddr.cn.
TLS certificate: Issued by R3 on June 4th 2022. Valid for: 3 months.

This is the only time www.admin-jr-update.xlmvddr.cn was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: JR West (Transportation)

Domain & IP information

	IP Address	AS Autonomous System
1 24	147.78.242.70 147.78.242.70	23959 (OWL-AS-AP...) (OWL-AS-AP Owl Limited)
1	183.131.207.66 183.131.207.66	() ()
24	2

24 147.78.242.70 (Tokyo, Japan) 1 redirects

ASN23959 (OWL-AS-AP Owl Limited, VU)
PTR: 147.78.242.70.static.xtom.com

www.admin-jr-update.xlmvddr.cn	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 183.131.207.66 (None, )

ASN- ()

ia.51.la	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
24	xlmvddr.cn 1 redirects www.admin-jr-update.xlmvddr.cn	45 KB
1	51.la ia.51.la	215 B
24	2

	Domain	Requested by
24	www.admin-jr-update.xlmvddr.cn	1 redirects www.admin-jr-update.xlmvddr.cn
1	ia.51.la	www.admin-jr-update.xlmvddr.cn
24	2

This site contains links to these domains. Also see Links.

Domain
shinkansen1.jr-central.co.jp
www.jr-odekake.net
faq.jr-odekake.net

Subject Issuer	Validity	Valid
www.admin-jr-update.xlmvddr.cn R3	`2022-06-04` - `2022-09-02`	3 months	crt.sh
*.51.la GlobalSign GCC R3 DV TLS CA 2020	`2022-04-19` - `2023-05-21`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://www.admin-jr-update.xlmvddr.cn/index/index/login.html
Frame ID: 19723822FE729695041DAB89E41522C7
Requests: 24 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

JR西日本 Club J-WEST 会員サポート

Page URL History Show full URLs

https://www.admin-jr-update.xlmvddr.cn/ HTTP 302
https://www.admin-jr-update.xlmvddr.cn/index/index/login.html Page URL

Detected technologies

RequireJS (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

require.*\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

24
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

2
IPs

1
Countries

45 kB
Transfer

82 kB
Size

3
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: https://shinkansen1.jr-central.co.jp/RSV_P/west_index.jsp
Title: エクスプレス予約の新規登録・ログイン

Search URL Search Domain Scan URL

URL: http://www.jr-odekake.net/about/privacy_01.html

Search URL Search Domain Scan URL

URL: http://faq.jr-odekake.net/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://www.admin-jr-update.xlmvddr.cn/ HTTP 302
https://www.admin-jr-update.xlmvddr.cn/index/index/login.html Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

24 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request login.html Show response www.admin-jr-update.xlmvddr.cn/index/index/ Redirect Chain https://www.admin-jr-update.xlmvddr.cn/ https://www.admin-jr-update.xlmvddr.cn/index/index/login.html	6 KB 2 KB	177ms 177ms	Document text/html	147.78.242.70 OWL-AS-AP Owl Lim...
General Check archive.org Show headers Download Go to Full URL https://www.admin-jr-update.xlmvddr.cn/index/index/login.html Protocol H2 Security TLS 1.3, , AES_256_GCM Server 147.78.242.70 Tokyo, Japan, ASN23959 (OWL-AS-AP Owl Limited, VU), Reverse DNS 147.78.242.70.static.xtom.com Software Apache / Resource Hash `c964037d5cd480ca0186598606797316508f18547da6b6a9bfaa2fc3ec4151e6` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36 accept-language jp-JP,jp;q=0.9 Response headers content-encoding gzip content-length 2399 content-type text/html; charset=utf-8 date Sun, 05 Jun 2022 07:58:10 GMT server Apache vary Accept-Encoding Redirect headers cache-control no-cache,must-revalidate content-length 0 content-type text/html; charset=utf-8 date Sun, 05 Jun 2022 07:58:09 GMT location /index/index/login.html server Apache
GET H2	200	member-set.css www.admin-jr-update.xlmvddr.cn/static/css/	623 B 393 B	6ms 3ms	Stylesheet text/css	147.78.242.70 OWL-AS-AP Owl Lim...
General Check archive.org Show headers Download Go to Full URL https://www.admin-jr-update.xlmvddr.cn/static/css/member-set.css Requested by Host: www.admin-jr-update.xlmvddr.cn URL: https://www.admin-jr-update.xlmvddr.cn/index/index/login.html Protocol H2 Security TLS 1.3, , AES_256_GCM Server 147.78.242.70 Tokyo, Japan, ASN23959 (OWL-AS-AP Owl Limited, VU), Reverse DNS 147.78.242.70.static.xtom.com Software Apache / Resource Hash `00800123746f37e79be0fe65ea1bd435d140b435dc8e456b519cb8862b0e6210` Request headers accept-language jp-JP,jp;q=0.9 Referer https://www.admin-jr-update.xlmvddr.cn/index/index/login.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36 Response headers date Sun, 05 Jun 2022 07:58:10 GMT content-encoding gzip last-modified Wed, 02 Mar 2022 03:54:56 GMT server Apache etag "26f-5d9343ea3c400-gzip" vary Accept-Encoding content-type text/css accept-ranges bytes content-length 304
GET H2	200	ap.css www.admin-jr-update.xlmvddr.cn/static/css/	4 KB 1 KB	6ms 3ms	Stylesheet text/css	147.78.242.70 OWL-AS-AP Owl Lim...
General Check archive.org Show headers Download Go to Full URL https://www.admin-jr-update.xlmvddr.cn/static/css/ap.css Requested by Host: www.admin-jr-update.xlmvddr.cn URL: https://www.admin-jr-update.xlmvddr.cn/index/index/login.html Protocol H2 Security TLS 1.3, , AES_256_GCM Server 147.78.242.70 Tokyo, Japan, ASN23959 (OWL-AS-AP Owl Limited, VU), Reverse DNS 147.78.242.70.static.xtom.com Software Apache / Resource Hash `8a395feee0792976a7067fd6a8b5465f7ed7fc23ae050d7ba8ef95401405765c` Request headers accept-language jp-JP,jp;q=0.9 Referer https://www.admin-jr-update.xlmvddr.cn/index/index/login.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36 Response headers date Sun, 05 Jun 2022 07:58:10 GMT content-encoding gzip last-modified Thu, 03 Mar 2022 13:24:36 GMT server Apache etag "1016-5d95051c48d00-gzip" vary Accept-Encoding content-type text/css accept-ranges bytes content-length 1133
GET H2	200	jquery1.7.3.js Show response www.admin-jr-update.xlmvddr.cn/static/js/	5 KB 2 KB	8ms 0ms	Script application/javascript	147.78.242.70 OWL-AS-AP Owl Lim...
General Check archive.org Show headers Download Go to Full URL https://www.admin-jr-update.xlmvddr.cn/static/js/jquery1.7.3.js Requested by Host: www.admin-jr-update.xlmvddr.cn URL: https://www.admin-jr-update.xlmvddr.cn/index/index/login.html Protocol H2 Security TLS 1.3, , AES_256_GCM Server 147.78.242.70 Tokyo, Japan, ASN23959 (OWL-AS-AP Owl Limited, VU), Reverse DNS 147.78.242.70.static.xtom.com Software Apache / Resource Hash `fee8c4ac7a8ea98137e3bd2492bc82d4ce77bb91774bbd6f4ddd2c5afbb1b1f6` Request headers accept-language jp-JP,jp;q=0.9 Referer https://www.admin-jr-update.xlmvddr.cn/index/index/login.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36 Response headers date Sun, 05 Jun 2022 07:58:10 GMT content-encoding gzip last-modified Fri, 04 Mar 2022 05:47:20 GMT server Apache etag "1322-5d95e0c4bca00-gzip" vary Accept-Encoding content-type application/javascript accept-ranges bytes content-length 2306
GET H2	404	validateBase.js www.admin-jr-update.xlmvddr.cn/static/js/	0 0	187ms 178ms	Script text/html	147.78.242.70 OWL-AS-AP Owl Lim...
General Check archive.org Show headers Download Go to Full URL https://www.admin-jr-update.xlmvddr.cn/static/js/validateBase.js Requested by Host: www.admin-jr-update.xlmvddr.cn URL: https://www.admin-jr-update.xlmvddr.cn/index/index/login.html Protocol H2 Security TLS 1.3, , AES_256_GCM Server 147.78.242.70 Tokyo, Japan, ASN23959 (OWL-AS-AP Owl Limited, VU), Reverse DNS 147.78.242.70.static.xtom.com Software Apache / Resource Hash Request headers accept-language jp-JP,jp;q=0.9 Referer https://www.admin-jr-update.xlmvddr.cn/index/index/login.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36 Response headers date Sun, 05 Jun 2022 07:58:10 GMT content-encoding gzip server Apache content-length 5091 vary Accept-Encoding content-type text/html; charset=utf-8
GET H2	404	myAlert.js www.admin-jr-update.xlmvddr.cn/static/js/	0 0	171ms 163ms	Script text/html	147.78.242.70 OWL-AS-AP Owl Lim...
General Check archive.org Show headers Download Go to Full URL https://www.admin-jr-update.xlmvddr.cn/static/js/myAlert.js Requested by Host: www.admin-jr-update.xlmvddr.cn URL: https://www.admin-jr-update.xlmvddr.cn/index/index/login.html Protocol H2 Security TLS 1.3, , AES_256_GCM Server 147.78.242.70 Tokyo, Japan, ASN23959 (OWL-AS-AP Owl Limited, VU), Reverse DNS 147.78.242.70.static.xtom.com Software Apache / Resource Hash Request headers accept-language jp-JP,jp;q=0.9 Referer https://www.admin-jr-update.xlmvddr.cn/index/index/login.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36 Response headers date Sun, 05 Jun 2022 07:58:10 GMT content-encoding gzip server Apache content-length 5089 vary Accept-Encoding content-type text/html; charset=utf-8
GET H2	200	validateRequired.js Show response www.admin-jr-update.xlmvddr.cn/static/js/	4 KB 1 KB	13ms 5ms	Script application/javascript	147.78.242.70 OWL-AS-AP Owl Lim...
General Check archive.org Show headers Download Go to Full URL https://www.admin-jr-update.xlmvddr.cn/static/js/validateRequired.js Requested by Host: www.admin-jr-update.xlmvddr.cn URL: https://www.admin-jr-update.xlmvddr.cn/index/index/login.html Protocol H2 Security TLS 1.3, , AES_256_GCM Server 147.78.242.70 Tokyo, Japan, ASN23959 (OWL-AS-AP Owl Limited, VU), Reverse DNS 147.78.242.70.static.xtom.com Software Apache / Resource Hash `9eaf41ccd7691ff06b75b8aa8f5185d1a5c0ed059775e970e045ebcf2a960cb2` Request headers accept-language jp-JP,jp;q=0.9 Referer https://www.admin-jr-update.xlmvddr.cn/index/index/login.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36 Response headers date Sun, 05 Jun 2022 07:58:10 GMT content-encoding gzip last-modified Thu, 03 Mar 2022 00:40:12 GMT server Apache etag "11e1-5d945a40f7300-gzip" vary Accept-Encoding content-type application/javascript accept-ranges bytes content-length 1446
GET H2	200	validateLogin1Form.js Show response www.admin-jr-update.xlmvddr.cn/static/js/	611 B 393 B	13ms 6ms	Script application/javascript	147.78.242.70 OWL-AS-AP Owl Lim...
General Check archive.org Show headers Download Go to Full URL https://www.admin-jr-update.xlmvddr.cn/static/js/validateLogin1Form.js Requested by Host: www.admin-jr-update.xlmvddr.cn URL: https://www.admin-jr-update.xlmvddr.cn/index/index/login.html Protocol H2 Security TLS 1.3, , AES_256_GCM Server 147.78.242.70 Tokyo, Japan, ASN23959 (OWL-AS-AP Owl Limited, VU), Reverse DNS 147.78.242.70.static.xtom.com Software Apache / Resource Hash `ce4dd22f9f1d8c8b28b79060faa96ec28fb931b295ca212c2faf4b044896aa4d` Request headers accept-language jp-JP,jp;q=0.9 Referer https://www.admin-jr-update.xlmvddr.cn/index/index/login.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36 Response headers date Sun, 05 Jun 2022 07:58:10 GMT content-encoding gzip last-modified Thu, 03 Mar 2022 00:41:02 GMT server Apache etag "263-5d945a70a6380-gzip" vary Accept-Encoding content-type application/javascript accept-ranges bytes content-length 316
GET H2	404	validateUtil.js www.admin-jr-update.xlmvddr.cn/static/js/	0 0	177ms 170ms	Script text/html	147.78.242.70 OWL-AS-AP Owl Lim...
General Check archive.org Show headers Download Go to Full URL https://www.admin-jr-update.xlmvddr.cn/static/js/validateUtil.js Requested by Host: www.admin-jr-update.xlmvddr.cn URL: https://www.admin-jr-update.xlmvddr.cn/index/index/login.html Protocol H2 Security TLS 1.3, , AES_256_GCM Server 147.78.242.70 Tokyo, Japan, ASN23959 (OWL-AS-AP Owl Limited, VU), Reverse DNS 147.78.242.70.static.xtom.com Software Apache / Resource Hash Request headers accept-language jp-JP,jp;q=0.9 Referer https://www.admin-jr-update.xlmvddr.cn/index/index/login.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36 Response headers date Sun, 05 Jun 2022 07:58:10 GMT content-encoding gzip server Apache content-length 5094 vary Accept-Encoding content-type text/html; charset=utf-8
GET H2	200	logo_all.gif www.admin-jr-update.xlmvddr.cn/static/images/	5 KB 5 KB	7ms 6ms	Image image/gif	147.78.242.70 OWL-AS-AP Owl Lim...
General Check archive.org Show headers Download Go to Show image Full URL https://www.admin-jr-update.xlmvddr.cn/static/images/logo_all.gif Requested by Host: www.admin-jr-update.xlmvddr.cn URL: https://www.admin-jr-update.xlmvddr.cn/index/index/login.html Protocol H2 Security TLS 1.3, , AES_256_GCM Server 147.78.242.70 Tokyo, Japan, ASN23959 (OWL-AS-AP Owl Limited, VU), Reverse DNS 147.78.242.70.static.xtom.com Software Apache / Resource Hash `4740a24c94c31ac747e02a42f5b695bb96b334987c5a3f545748965ffa09615d` Request headers accept-language jp-JP,jp;q=0.9 Referer https://www.admin-jr-update.xlmvddr.cn/index/index/login.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36 Response headers date Sun, 05 Jun 2022 07:58:10 GMT last-modified Wed, 02 Mar 2022 03:45:12 GMT server Apache accept-ranges bytes etag "1234-5d9341bd4a200" content-length 4660 content-type image/gif
GET H2	200	button_orange_login.gif www.admin-jr-update.xlmvddr.cn/static/images/	2 KB 2 KB	3ms 2ms	Image image/gif	147.78.242.70 OWL-AS-AP Owl Lim...
General Check archive.org Show headers Download Go to Show image Full URL https://www.admin-jr-update.xlmvddr.cn/static/images/button_orange_login.gif Requested by Host: www.admin-jr-update.xlmvddr.cn URL: https://www.admin-jr-update.xlmvddr.cn/index/index/login.html Protocol H2 Security TLS 1.3, , AES_256_GCM Server 147.78.242.70 Tokyo, Japan, ASN23959 (OWL-AS-AP Owl Limited, VU), Reverse DNS 147.78.242.70.static.xtom.com Software Apache / Resource Hash `b158a3ad4fc909d536be32630ff6b0d0ed7f6c6012fddb03992e6490b56518b9` Request headers accept-language jp-JP,jp;q=0.9 Referer https://www.admin-jr-update.xlmvddr.cn/index/index/login.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36 Response headers date Sun, 05 Jun 2022 07:58:10 GMT last-modified Thu, 03 Mar 2022 00:37:36 GMT server Apache accept-ranges bytes etag "848-5d9459ac31400" content-length 2120 content-type image/gif
GET H2	200	button_gray_back.gif www.admin-jr-update.xlmvddr.cn/static/images/	1 KB 1 KB	7ms 2ms	Image image/gif	147.78.242.70 OWL-AS-AP Owl Lim...
General Check archive.org Show headers Download Go to Show image Full URL https://www.admin-jr-update.xlmvddr.cn/static/images/button_gray_back.gif Requested by Host: www.admin-jr-update.xlmvddr.cn URL: https://www.admin-jr-update.xlmvddr.cn/index/index/login.html Protocol H2 Security TLS 1.3, , AES_256_GCM Server 147.78.242.70 Tokyo, Japan, ASN23959 (OWL-AS-AP Owl Limited, VU), Reverse DNS 147.78.242.70.static.xtom.com Software Apache / Resource Hash `3b37de802e5d8b45ef9e9eed554a2a60c7098b31e9dc590b7014b6752860aa94` Request headers accept-language jp-JP,jp;q=0.9 Referer https://www.admin-jr-update.xlmvddr.cn/index/index/login.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36 Response headers date Sun, 05 Jun 2022 07:58:10 GMT last-modified Wed, 02 Mar 2022 03:45:10 GMT server Apache accept-ranges bytes etag "4e2-5d9341bb61d80" content-length 1250 content-type image/gif
GET H2	200	footer_privacy.gif www.admin-jr-update.xlmvddr.cn/static/images/	2 KB 3 KB	8ms 3ms	Image image/gif	147.78.242.70 OWL-AS-AP Owl Lim...
General Check archive.org Show headers Download Go to Show image Full URL https://www.admin-jr-update.xlmvddr.cn/static/images/footer_privacy.gif Requested by Host: www.admin-jr-update.xlmvddr.cn URL: https://www.admin-jr-update.xlmvddr.cn/index/index/login.html Protocol H2 Security TLS 1.3, , AES_256_GCM Server 147.78.242.70 Tokyo, Japan, ASN23959 (OWL-AS-AP Owl Limited, VU), Reverse DNS 147.78.242.70.static.xtom.com Software Apache / Resource Hash `bcb2d9cd3065b1f07b58dad1ebe5b93c6bc79d75bda65bf057ac8ae98433d268` Request headers accept-language jp-JP,jp;q=0.9 Referer https://www.admin-jr-update.xlmvddr.cn/index/index/login.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36 Response headers date Sun, 05 Jun 2022 07:58:10 GMT last-modified Wed, 02 Mar 2022 03:45:12 GMT server Apache accept-ranges bytes etag "9ce-5d9341bd4a200" content-length 2510 content-type image/gif
GET H2	200	footer_subnav_question.gif www.admin-jr-update.xlmvddr.cn/static/images/	517 B 565 B	7ms 4ms	Image image/gif	147.78.242.70 OWL-AS-AP Owl Lim...
General Check archive.org Show headers Download Go to Show image Full URL https://www.admin-jr-update.xlmvddr.cn/static/images/footer_subnav_question.gif Requested by Host: www.admin-jr-update.xlmvddr.cn URL: https://www.admin-jr-update.xlmvddr.cn/index/index/login.html Protocol H2 Security TLS 1.3, , AES_256_GCM Server 147.78.242.70 Tokyo, Japan, ASN23959 (OWL-AS-AP Owl Limited, VU), Reverse DNS 147.78.242.70.static.xtom.com Software Apache / Resource Hash `cdd977459433f2454f8eaf49c2035b073d2d43da06c63b580e3efcbe075bbe96` Request headers accept-language jp-JP,jp;q=0.9 Referer https://www.admin-jr-update.xlmvddr.cn/index/index/login.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36 Response headers date Sun, 05 Jun 2022 07:58:10 GMT last-modified Wed, 02 Mar 2022 03:45:10 GMT server Apache accept-ranges bytes etag "205-5d9341bb61d80" content-length 517 content-type image/gif
GET H2	200	footer_copyright.gif www.admin-jr-update.xlmvddr.cn/static/images/	3 KB 3 KB	8ms 5ms	Image image/gif	147.78.242.70 OWL-AS-AP Owl Lim...
General Check archive.org Show headers Download Go to Show image Full URL https://www.admin-jr-update.xlmvddr.cn/static/images/footer_copyright.gif Requested by Host: www.admin-jr-update.xlmvddr.cn URL: https://www.admin-jr-update.xlmvddr.cn/index/index/login.html Protocol H2 Security TLS 1.3, , AES_256_GCM Server 147.78.242.70 Tokyo, Japan, ASN23959 (OWL-AS-AP Owl Limited, VU), Reverse DNS 147.78.242.70.static.xtom.com Software Apache / Resource Hash `d7471b8d593e0ae70df9dd7c709b27519a6a83a3bf68adbe23275e581b057e60` Request headers accept-language jp-JP,jp;q=0.9 Referer https://www.admin-jr-update.xlmvddr.cn/index/index/login.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36 Response headers date Sun, 05 Jun 2022 07:58:10 GMT last-modified Wed, 02 Mar 2022 03:45:10 GMT server Apache accept-ranges bytes etag "ca5-5d9341bb61d80" content-length 3237 content-type image/gif
GET H2	200	default.css www.admin-jr-update.xlmvddr.cn/static/css/	2 KB 962 B	11ms 10ms	Stylesheet text/css	147.78.242.70 OWL-AS-AP Owl Lim...
General Check archive.org Show headers Download Go to Full URL https://www.admin-jr-update.xlmvddr.cn/static/css/default.css Requested by Host: www.admin-jr-update.xlmvddr.cn URL: https://www.admin-jr-update.xlmvddr.cn/static/css/member-set.css Protocol H2 Security TLS 1.3, , AES_256_GCM Server 147.78.242.70 Tokyo, Japan, ASN23959 (OWL-AS-AP Owl Limited, VU), Reverse DNS 147.78.242.70.static.xtom.com Software Apache / Resource Hash `28bde5913cfd9297971cb711c7bb392f76061f0e94bf3e5490783cf8912b0cd1` Request headers accept-language jp-JP,jp;q=0.9 Referer https://www.admin-jr-update.xlmvddr.cn/static/css/member-set.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36 Response headers date Sun, 05 Jun 2022 07:58:10 GMT content-encoding gzip last-modified Wed, 02 Mar 2022 03:54:56 GMT server Apache etag "8f4-5d9343ea3c400-gzip" vary Accept-Encoding content-type text/css accept-ranges bytes content-length 908
GET H2	200	base.css www.admin-jr-update.xlmvddr.cn/static/css/	18 KB 4 KB	11ms 11ms	Stylesheet text/css	147.78.242.70 OWL-AS-AP Owl Lim...
General Check archive.org Show headers Download Go to Full URL https://www.admin-jr-update.xlmvddr.cn/static/css/base.css Requested by Host: www.admin-jr-update.xlmvddr.cn URL: https://www.admin-jr-update.xlmvddr.cn/static/css/member-set.css Protocol H2 Security TLS 1.3, , AES_256_GCM Server 147.78.242.70 Tokyo, Japan, ASN23959 (OWL-AS-AP Owl Limited, VU), Reverse DNS 147.78.242.70.static.xtom.com Software Apache / Resource Hash `935cad764e9e8e9915ce1ccfc9c4d3ea4c9f71268415cca50870935d01158e56` Request headers accept-language jp-JP,jp;q=0.9 Referer https://www.admin-jr-update.xlmvddr.cn/static/css/member-set.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36 Response headers date Sun, 05 Jun 2022 07:58:10 GMT content-encoding gzip last-modified Wed, 02 Mar 2022 03:54:56 GMT server Apache etag "482a-5d9343ea3c400-gzip" vary Accept-Encoding content-type text/css accept-ranges bytes content-length 4104
GET H2	200	member-layout.css www.admin-jr-update.xlmvddr.cn/static/css/	13 KB 3 KB	11ms 10ms	Stylesheet text/css	147.78.242.70 OWL-AS-AP Owl Lim...
General Check archive.org Show headers Download Go to Full URL https://www.admin-jr-update.xlmvddr.cn/static/css/member-layout.css Requested by Host: www.admin-jr-update.xlmvddr.cn URL: https://www.admin-jr-update.xlmvddr.cn/static/css/member-set.css Protocol H2 Security TLS 1.3, , AES_256_GCM Server 147.78.242.70 Tokyo, Japan, ASN23959 (OWL-AS-AP Owl Limited, VU), Reverse DNS 147.78.242.70.static.xtom.com Software Apache / Resource Hash `a22f66d12e0bc78ec32077f66d49d3c70bcc1bbdad6ac042ee66e8cb7e58e90a` Request headers accept-language jp-JP,jp;q=0.9 Referer https://www.admin-jr-update.xlmvddr.cn/static/css/member-set.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36 Response headers date Sun, 05 Jun 2022 07:58:10 GMT content-encoding gzip last-modified Wed, 02 Mar 2022 03:54:56 GMT server Apache etag "32df-5d9343ea3c400-gzip" vary Accept-Encoding content-type text/css accept-ranges bytes content-length 3509
GET H2	200	module.css www.admin-jr-update.xlmvddr.cn/static/css/	875 B 477 B	11ms 10ms	Stylesheet text/css	147.78.242.70 OWL-AS-AP Owl Lim...
General Check archive.org Show headers Download Go to Full URL https://www.admin-jr-update.xlmvddr.cn/static/css/module.css Requested by Host: www.admin-jr-update.xlmvddr.cn URL: https://www.admin-jr-update.xlmvddr.cn/static/css/member-set.css Protocol H2 Security TLS 1.3, , AES_256_GCM Server 147.78.242.70 Tokyo, Japan, ASN23959 (OWL-AS-AP Owl Limited, VU), Reverse DNS 147.78.242.70.static.xtom.com Software Apache / Resource Hash `59d9012307aef550e3e7bc18c7dbb6afd42f337de81a96fed5d5900b205ea288` Request headers accept-language jp-JP,jp;q=0.9 Referer https://www.admin-jr-update.xlmvddr.cn/static/css/member-set.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36 Response headers date Sun, 05 Jun 2022 07:58:10 GMT content-encoding gzip last-modified Wed, 02 Mar 2022 03:54:56 GMT server Apache etag "36b-5d9343ea3c400-gzip" vary Accept-Encoding content-type text/css accept-ranges bytes content-length 423
GET H2	200	tag.css www.admin-jr-update.xlmvddr.cn/static/css/	501 B 305 B	5ms 4ms	Stylesheet text/css	147.78.242.70 OWL-AS-AP Owl Lim...
General Check archive.org Show headers Download Go to Full URL https://www.admin-jr-update.xlmvddr.cn/static/css/tag.css Requested by Host: www.admin-jr-update.xlmvddr.cn URL: https://www.admin-jr-update.xlmvddr.cn/static/css/base.css Protocol H2 Security TLS 1.3, , AES_256_GCM Server 147.78.242.70 Tokyo, Japan, ASN23959 (OWL-AS-AP Owl Limited, VU), Reverse DNS 147.78.242.70.static.xtom.com Software Apache / Resource Hash `fb9a9469385d72c3c19bf3a895725b0e6fbd0fbf29b11f5863d869b59648e5c1` Request headers accept-language jp-JP,jp;q=0.9 Referer https://www.admin-jr-update.xlmvddr.cn/static/css/base.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36 Response headers date Sun, 05 Jun 2022 07:58:10 GMT content-encoding gzip last-modified Wed, 02 Mar 2022 03:54:56 GMT server Apache etag "1f5-5d9343ea3c400-gzip" vary Accept-Encoding content-type text/css accept-ranges bytes content-length 252
GET H/1.1	200	go1 ia.51.la/	0 215 B	3889ms 2613ms	Image text/plain	183.131.207.66
General Check archive.org Show headers Download Go to Show image Full URL https://ia.51.la/go1?id=21267949&rt=1654415890332&rl=16001200&lang=en-US&ct=unknow&pf=1&ins=1&vd=1&ce=1&cd=24&ds=&ing=1&ekc=&sid=1654415890332&tt=&kw=&cu=https%253A%252F%252Fwww.admin-jr-update.xlmvddr.cn%252Findex%252Findex%252Flogin.html&pu= Requested by* Host: www.admin-jr-update.xlmvddr.cn URL: https://www.admin-jr-update.xlmvddr.cn/index/index/login.html Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305 Server 183.131.207.66 -, , ASN (), Reverse DNS Software CloudWAF / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers accept-language jp-JP,jp;q=0.9 Referer https://www.admin-jr-update.xlmvddr.cn/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36 Response headers Date Sun, 05 Jun 2022 07:58:14 GMT Server CloudWAF Connection keep-alive Content-Length 0
GET H2	200	spacer.gif www.admin-jr-update.xlmvddr.cn/static/images/	43 B 89 B	7ms 6ms	Image image/gif	147.78.242.70 OWL-AS-AP Owl Lim...
General Check archive.org Show headers Download Go to Show image Full URL https://www.admin-jr-update.xlmvddr.cn/static/images/spacer.gif Requested by Host: www.admin-jr-update.xlmvddr.cn URL: https://www.admin-jr-update.xlmvddr.cn/static/css/base.css Protocol H2 Security TLS 1.3, , AES_256_GCM Server 147.78.242.70 Tokyo, Japan, ASN23959 (OWL-AS-AP Owl Limited, VU), Reverse DNS 147.78.242.70.static.xtom.com Software Apache / Resource Hash `548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87` Request headers accept-language jp-JP,jp;q=0.9 Referer https://www.admin-jr-update.xlmvddr.cn/static/css/base.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36 Response headers date Sun, 05 Jun 2022 07:58:10 GMT last-modified Wed, 02 Mar 2022 03:45:12 GMT server Apache accept-ranges bytes etag "2b-5d9341bd4a200" content-length 43 content-type image/gif
GET H2	200	point01.gif www.admin-jr-update.xlmvddr.cn/static/images/	13 KB 13 KB	4ms 3ms	Image image/gif	147.78.242.70 OWL-AS-AP Owl Lim...
General Check archive.org Show headers Download Go to Show image Full URL https://www.admin-jr-update.xlmvddr.cn/static/images/point01.gif Requested by Host: www.admin-jr-update.xlmvddr.cn URL: https://www.admin-jr-update.xlmvddr.cn/static/css/base.css Protocol H2 Security TLS 1.3, , AES_256_GCM Server 147.78.242.70 Tokyo, Japan, ASN23959 (OWL-AS-AP Owl Limited, VU), Reverse DNS 147.78.242.70.static.xtom.com Software Apache / Resource Hash `4ee367c5125569288983ab48a8f9eafb3913f442e4c5bf7e4e9e3729923d957a` Request headers accept-language jp-JP,jp;q=0.9 Referer https://www.admin-jr-update.xlmvddr.cn/static/css/base.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36 Response headers date Sun, 05 Jun 2022 07:58:10 GMT last-modified Wed, 02 Mar 2022 03:45:10 GMT server Apache accept-ranges bytes etag "3379-5d9341bb61d80" content-length 13177 content-type image/gif
GET H2	200	footer_background.gif www.admin-jr-update.xlmvddr.cn/static/images/	75 B 121 B	4ms 3ms	Image image/gif	147.78.242.70 OWL-AS-AP Owl Lim...
General Check archive.org Show headers Download Go to Show image Full URL https://www.admin-jr-update.xlmvddr.cn/static/images/footer_background.gif Requested by Host: www.admin-jr-update.xlmvddr.cn URL: https://www.admin-jr-update.xlmvddr.cn/static/css/base.css Protocol H2 Security TLS 1.3, , AES_256_GCM Server 147.78.242.70 Tokyo, Japan, ASN23959 (OWL-AS-AP Owl Limited, VU), Reverse DNS 147.78.242.70.static.xtom.com Software Apache / Resource Hash `0f62a1654935cb08e4106aa1e94e046cbbe8c03fee1948f308c966d693981921` Request headers accept-language jp-JP,jp;q=0.9 Referer https://www.admin-jr-update.xlmvddr.cn/static/css/base.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36 Response headers date Sun, 05 Jun 2022 07:58:10 GMT last-modified Wed, 02 Mar 2022 03:45:12 GMT server Apache accept-ranges bytes etag "4b-5d9341bd4a200" content-length 75 content-type image/gif

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: JR West (Transportation)

16 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.admin-jr-update.xlmvddr.cn/	1969-12-31 23:59:59	Name: __tins__21267949 Value: %7B%22sid%22%3A%201654415890332%2C%20%22vd%22%3A%201%2C%20%22expires%22%3A%201654417690332%7D
www.admin-jr-update.xlmvddr.cn/	1969-12-31 23:59:59	Name: __51cke__ Value:
www.admin-jr-update.xlmvddr.cn/	1969-12-31 23:59:59	Name: __51laig__ Value: 1

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://www.admin-jr-update.xlmvddr.cn/static/js/myAlert.js Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://www.admin-jr-update.xlmvddr.cn/static/js/validateUtil.js Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://www.admin-jr-update.xlmvddr.cn/static/js/validateBase.js Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ia.51.la
www.admin-jr-update.xlmvddr.cn
147.78.242.70
183.131.207.66
00800123746f37e79be0fe65ea1bd435d140b435dc8e456b519cb8862b0e6210
0f62a1654935cb08e4106aa1e94e046cbbe8c03fee1948f308c966d693981921
28bde5913cfd9297971cb711c7bb392f76061f0e94bf3e5490783cf8912b0cd1
3b37de802e5d8b45ef9e9eed554a2a60c7098b31e9dc590b7014b6752860aa94
4740a24c94c31ac747e02a42f5b695bb96b334987c5a3f545748965ffa09615d
4ee367c5125569288983ab48a8f9eafb3913f442e4c5bf7e4e9e3729923d957a
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
59d9012307aef550e3e7bc18c7dbb6afd42f337de81a96fed5d5900b205ea288
8a395feee0792976a7067fd6a8b5465f7ed7fc23ae050d7ba8ef95401405765c
935cad764e9e8e9915ce1ccfc9c4d3ea4c9f71268415cca50870935d01158e56
9eaf41ccd7691ff06b75b8aa8f5185d1a5c0ed059775e970e045ebcf2a960cb2
a22f66d12e0bc78ec32077f66d49d3c70bcc1bbdad6ac042ee66e8cb7e58e90a
b158a3ad4fc909d536be32630ff6b0d0ed7f6c6012fddb03992e6490b56518b9
bcb2d9cd3065b1f07b58dad1ebe5b93c6bc79d75bda65bf057ac8ae98433d268
c964037d5cd480ca0186598606797316508f18547da6b6a9bfaa2fc3ec4151e6
cdd977459433f2454f8eaf49c2035b073d2d43da06c63b580e3efcbe075bbe96
ce4dd22f9f1d8c8b28b79060faa96ec28fb931b295ca212c2faf4b044896aa4d
d7471b8d593e0ae70df9dd7c709b27519a6a83a3bf68adbe23275e581b057e60
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
fb9a9469385d72c3c19bf3a895725b0e6fbd0fbf29b11f5863d869b59648e5c1
fee8c4ac7a8ea98137e3bd2492bc82d4ce77bb91774bbd6f4ddd2c5afbb1b1f6

www.admin-jr-update.xlmvddr.cn Open in urlscan Pro 147.78.242.70 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

24 Requests

100 %HTTPS

0 %IPv6

2 Domains

2 Subdomains

2 IPs

1 Countries

45 kBTransfer

82 kBSize

3 Cookies

3 Outgoing links

Page URL History

Redirected requests

24 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

16 JavaScript Global Variables

3 Cookies

3 Console Messages

Indicators

www.admin-jr-update.xlmvddr.cn Open in urlscan Pro
147.78.242.70 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

24
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

2
IPs

1
Countries

45 kB
Transfer

82 kB
Size

3
Cookies

24 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!