cj-com.com
2001:41d0:301::30
Malicious Activity!
Public Scan
Effective URL: https://cj-com.com/jw/jcbmiilll/
Submission: On January 17 via manual from JP — Scanned from JP
Summary
TLS certificate: Issued by R3 on December 18th 2021. Valid for: 3 months.
This is the only time cj-com.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: JCB (Financial)
Domain & IP information
Requests | IP Address | AS (Autonomous System)
---|---|---
1 1 | 2606:4700:3036::ac43:dafa | 13335 (CLOUDFLARENET)
8 | 2001:41d0:301::30 | 16276 (OVH)
2 | 2600:140b:400:2a9::1e80 | 20940 (AKAMAI-ASN1)
2 | 52.194.122.99 | 16509 (AMAZON-02)
2 | 23.45.60.174 | 20940 (AKAMAI-ASN1)
1 | 18.180.95.159 | 16509 (AMAZON-02)
2 | 3.113.78.189 | 16509 (AMAZON-02)
1 1 | 18.141.92.5 | 16509 (AMAZON-02)
17 | 6 |
ASN | Country | PTR | Domain
---|---|---|---
16509 (AMAZON-02) | US | ec2-52-194-122-99.ap-northeast-1.compute.amazonaws.com | dpm.demdex.net
20940 (AKAMAI-ASN1) | NL | a23-45-60-174.deploy.static.akamaitechnologies.com | tags.tiqcdn.com
16509 (AMAZON-02) | US | ec2-18-180-95-159.ap-northeast-1.compute.amazonaws.com | jcb.demdex.net
16509 (AMAZON-02) | US | ec2-3-113-78-189.ap-northeast-1.compute.amazonaws.com | jcb.sc.omtrdc.net
16509 (AMAZON-02) | US | ec2-18-141-92-5.ap-southeast-1.compute.amazonaws.com | cm.everesttech.net
Requests | Apex Domain | Subdomains | Transfer
---|---|---|---
8 | cj-com.com | cj-com.com | 53 KB
3 | demdex.net | dpm.demdex.net (Cisco Umbrella Rank: 205), jcb.demdex.net | 5 KB
2 | omtrdc.net | jcb.sc.omtrdc.net | 532 B
2 | tiqcdn.com | tags.tiqcdn.com (Cisco Umbrella Rank: 939) | 10 KB
2 | adobedtm.com | assets.adobedtm.com (Cisco Umbrella Rank: 497) | 91 KB
1 | everesttech.net (1 redirect) | cm.everesttech.net (Cisco Umbrella Rank: 992) | 517 B
1 | rorkwear.com (1 redirect) | www.rorkwear.com | 588 B
17 | 7 | |
Requests | Domain | Requested by
---|---|---
8 | cj-com.com | cj-com.com
2 | jcb.sc.omtrdc.net | assets.adobedtm.com, cj-com.com
2 | tags.tiqcdn.com | cj-com.com, tags.tiqcdn.com
2 | dpm.demdex.net | assets.adobedtm.com, cj-com.com
2 | assets.adobedtm.com | cj-com.com, assets.adobedtm.com
1 | cm.everesttech.net | 1 redirect
1 | jcb.demdex.net | assets.adobedtm.com
1 | www.rorkwear.com | 1 redirect
17 | 8 |
This site contains no links.
Subject | Issuer | Validity | Valid | Source
---|---|---|---|---
www.cj-com.com | R3 | 2021-12-18 - 2022-03-18 | 3 months | crt.sh
assets.adobedtm.com | DigiCert TLS RSA SHA256 2020 CA1 | 2021-09-10 - 2022-09-10 | a year | crt.sh
*.demdex.net | DigiCert TLS RSA SHA256 2020 CA1 | 2021-10-19 - 2022-11-19 | a year | crt.sh
*.tiqcdn.com | DigiCert SHA2 Secure Server CA | 2021-04-19 - 2022-04-27 | a year | crt.sh
*.sc.omtrdc.net | DigiCert TLS Hybrid ECC SHA384 2020 CA1 | 2021-10-05 - 2022-03-04 | 5 months | crt.sh
This page contains 2 frames:
Primary Page:
https://cj-com.com/jw/jcbmiilll/
Frame ID: DB42EF64D904E38E32BD8D1ABAEBF3F4
Requests: 16 HTTP requests in this frame
Frame:
https://jcb.demdex.net/dest5.html?d_nsid=0
Frame ID: E1561E2DB0D2C46509415CCF3487CEF8
Requests: 1 HTTP requests in this frame
Page Title
JCBの会員専用WEBサービス「MyJCB(マイジェーシービー)」
Page URL History
- https://www.rorkwear.com/jq/ HTTP 301
- https://cj-com.com/jw/jcbmiilll/ Page URL
Detected technologies
jQuery (JavaScript Libraries)
Detected patterns
- jquery[.-]([\d.]*\d)[^/]*\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- https://www.rorkwear.com/jq/ HTTP 301
- https://cj-com.com/jw/jcbmiilll/ Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 13
- https://cm.everesttech.net/cm/dd?d_uuid=37008769198847597382505884184115545342 HTTP 302
- https://dpm.demdex.net/ibs:dpid=411&dpuuid=YeUC_wAAAIw_7QPw
17 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type | Notes
---|---|---|---|---|---|---|---|---
GET | H2 | / | cj-com.com/jw/jcbmiilll/ | 12 KB | 4 KB | Document | text/html | Primary Request, Redirect Chain
GET | H2 | login.css | cj-com.com/jw/jcbmiilll/css/ | 12 KB | 2 KB | Stylesheet | text/css |
GET | H2 | frame.css | cj-com.com/jw/jcbmiilll/css/ | 32 KB | 5 KB | Stylesheet | text/css |
GET | H2 | satelliteLib-07dcfb8765c9dfde9e662180182d3d7dda0f6107.js | assets.adobedtm.com/ebd4e205a73fa9517d565ab95d5b2b39697de655/ | 314 KB | 77 KB | Script | application/x-javascript |
GET | H2 | logo.png | cj-com.com/jw/jcbmiilll/images/ | 3 KB | 3 KB | Image | image/png |
GET | H2 | icon_blank.png | cj-com.com/jw/jcbmiilll/images/ | 1 KB | 1 KB | Image | image/png |
GET | H2 | jquery-3.2.1.min.js | cj-com.com/jw/jcbmiilll/js/ | 85 KB | 30 KB | Script | application/javascript |
GET | H2 | jquery.cookie.js | cj-com.com/jw/jcbmiilll/js/ | 3 KB | 2 KB | Script | application/javascript |
GET | H2 | frame.js | cj-com.com/jw/jcbmiilll/js/ | 32 KB | 7 KB | Script | application/javascript |
GET | H/1.1 | id | dpm.demdex.net/ | 363 B | 1 KB | XHR | application/json |
GET | H2 | AppMeasurement.min.js | assets.adobedtm.com/extensions/EP6580734006504e9facd682c439318b88/ | 36 KB | 13 KB | Script | application/x-javascript |
GET | H2 | utag.js | tags.tiqcdn.com/utag/jcb/main/prod/ | 34 KB | 10 KB | Script | application/x-javascript |
GET | H/1.1 | dest5.html | jcb.demdex.net/ | 7 KB | 3 KB | Document | text/html | Frame E156
GET | H2 | id | jcb.sc.omtrdc.net/ | 2 B | 312 B | XHR | application/x-javascript |
GET | H/1.1 | ibs:dpid=411&dpuuid=YeUC_wAAAIw_7QPw | dpm.demdex.net/ | 42 B | 945 B | Image | image/gif | Redirect Chain
GET | H2 | utag.v.js | tags.tiqcdn.com/utag/tiqapp/ | 2 B | 202 B | Script | application/x-javascript |
GET | H2 | s392565221441 | jcb.sc.omtrdc.net/b/ss/jcb-corporate-2015-dev/1/JS-2.17.0-LBWB/ | 43 B | 220 B | Image | image/gif |
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: JCB (Financial)
25 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
Type | Name
---|---
object | 0
object | _satellite
boolean | __satelliteLoaded
object | adobe
function | Visitor
object | s_c_il
number | s_c_in
function | AppMeasurement_Module_ActivityMap
function | AppMeasurement
function | s_gi
function | s_pgicq
number | s_objectID
number | s_giq
object | s
object | _uxa
boolean | utag_condload
string | utag_lh
object | utag
function | utag_condloader
boolean | __tealium_twc_switch
object | bannerConfig
function | $
function | jQuery
string | _ret
object | s_i_jcb-corporate-2015-dev
9 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Name | Value
---|---|---
.cj-com.com/ | _cs_mk_aa | 0.8722353399904581_1642398459332
.demdex.net/ | demdex | 37008769198847597382505884184115545342
.cj-com.com/ | AMCVS_0FC4F0F5558BD5EB7F000101%40AdobeOrg | 1
.cj-com.com/ | utag_main | v_id:017e6693a633000fb8e629b0378103072002006a00b08$_sn:1$_ss:1$_st:1642400259446$ses_id:1642398459446%3Bexp-session$_pn:1%3Bexp-session
.cj-com.com/ | s_pers | %20s_cvp%3D%255B%255B%2527type%252Fbookmark%252Freload%2527%252C%25271642398459899%2527%255D%255D%7C1650174459904%3B%20s_pr_time%3D1%252C%7C1673934459908%3B%20s_nr%3D1642398459933-New%7C1705470459933%3B
.everesttech.net/ | everest_g_v2 | g_surferid~YeUC_wAAAIw_7QPw
.dpm.demdex.net/ | dpm | 37008769198847597382505884184115545342
.cj-com.com/ | AMCV_0FC4F0F5558BD5EB7F000101%40AdobeOrg | 1075005958%7CMCIDTS%7C19010%7CMCMID%7C36981733009427660632506282427766323627%7CMCAAMLH-1643003259%7C11%7CMCAAMB-1643003259%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1642405659s%7CNONE%7CMCAID%7CNONE%7CMCSYNCSOP%7C411-19017%7CvVersion%7C4.4.1
.cj-com.com/ | s_sess | %20s_cc%3Dtrue%3B%20s_ips%3D1200%3B%20s_tp%3D1681%3B%20s_ppv%3Djp%25253A%25253Ajw%25253Ajcbmiilll%25253Aindex%252C71%252C71%252C1200%252C1%252C1%3B
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
assets.adobedtm.com
cj-com.com
cm.everesttech.net
dpm.demdex.net
jcb.demdex.net
jcb.sc.omtrdc.net
tags.tiqcdn.com
www.rorkwear.com
18.141.92.5
18.180.95.159
2001:41d0:301::30
23.45.60.174
2600:140b:400:2a9::1e80
2606:4700:3036::ac43:dafa
3.113.78.189
52.194.122.99