s.vpass.jp
Open in
urlscan Pro
161.71.144.16
Malicious Activity!
Public Scan
Submission: On January 12 via manual from JP — Scanned from JP
Summary
TLS certificate: Issued by DigiCert SHA2 Extended Validation Ser... on April 3rd 2023. Valid for: a year.
This is the only time s.vpass.jp was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: SMBC (Financial)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
8 | 161.71.144.16 161.71.144.16 | 14340 (SALESFORCE) (SALESFORCE) | |
8 | 2 |
ASN14340 (SALESFORCE, US)
PTR: sledge1-hnd.slb.sfdcsvc.net
s.vpass.jp |
Apex Domain Subdomains |
Transfer | |
---|---|---|
8 |
vpass.jp
s.vpass.jp |
119 KB |
8 | 1 |
Domain | Requested by | |
---|---|---|
8 | s.vpass.jp |
s.vpass.jp
|
8 | 1 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
s.vpass.jp DigiCert SHA2 Extended Validation Server CA |
2023-04-03 - 2024-03-31 |
a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://s.vpass.jp/?id=Ka862l1F9900000
Frame ID: 55B74A1354C2D60024109064C8DAC9C0
Requests: 11 HTTP requests in this frame
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
8 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
/
s.vpass.jp/ |
82 KB 27 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
stub.js
s.vpass.jp/static/111213/js/perf/ |
1 KB 906 B |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
3_3_3.Finalorg.ajax4jsf.javascript.AjaxScript
s.vpass.jp/faces/a4j/g/ |
73 KB 19 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
SfdcCore.js
s.vpass.jp/jslibrary/1699262264246/ui-sfdc-javascript-impl/ |
183 KB 62 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
picklist4.js
s.vpass.jp/static/111213/js/ |
10 KB 3 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
VFState.js
s.vpass.jp/jslibrary/1686615502246/sfdc/ |
6 KB 2 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
NetworkTracking.js
s.vpass.jp/jslibrary/1647410350246/sfdc/ |
3 KB 2 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
smcc_logo
s.vpass.jp/resource/1666692346000/ |
2 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
3 KB 0 |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
1 KB 0 |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
274 B 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: SMBC (Financial)257 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| documentPictureInPicture object| PerfConstants object| PerfLogLevel object| Perf function| Sarissa undefined| x undefined| _SARISSA_DOM_PROGID undefined| _SARISSA_XMLHTTP_PROGID undefined| _SARISSA_DOM_XMLWRITER undefined| importTable object| A4J function| _sarissa_XMLDocument_onload object| LOG object| RichFaces function| ApiUtils function| PreferenceBits function| DateUtil object| AbstractAutoCompleteServlet object| AccountAssociationSuggestionsServlet object| Activity object| ActivityPage object| ActivityReminderConstants object| ActivityReminderPage object| ActivityReminderRefreshPage object| ActivityUi object| AddRulesToTerritory2MultiSelectList object| AdvancedCurrencyEnable object| AjaxGetFieldTreeChildren object| AjaxGetUser object| AjaxGetUsersInGroups object| AjaxInNumericRange object| AjaxLoadFieldsForControllingEntity object| AjaxLoadFieldsForEntity object| AjaxLoadPLAForPageServlet object| AjaxLoadPLAForRecordTypeServlet object| AjaxLoadPLAServlet object| AjaxLoadRelatedListItem object| AjaxScanFieldsForShrinkage object| AjaxServlet object| AjaxValidateFormula object| AjaxValidateSpanningFormulasInRelatedList object| Aotp object| AssociationSelectElement object| BaseAssociationConstants object| BaseIntermediateRedirectServlet object| BlowoutServlet object| BodyLayout object| BounceEmailConstants object| BrandingColor object| BusinessHoursPageConstants object| BusyTimesAjaxServlet object| CSRFConstants object| CampaignManageMembers object| CaptchaVerifierServlet object| CaseUi object| ChangePasswordConstants object| ChangeUsernameConstants object| ChartConstants object| ChatterDeflection object| ChatterEmailSettingsConstants object| ChatterFilesConstants object| ChatterService object| ColorInputConstants object| ColorPickerConstants object| ColumnTypeConstants object| CompactLayoutAssignmentConstants object| CompactLayoutUiConst object| ConsoleSidebarSetupEditor object| ContextPaneEditor object| CreateNewElement object| CreateNewList object| CriteriaInputConstants object| CrtConstants object| CrtLayoutElement object| CrtLookupConstants object| CrtObjectElement object| CustomFieldDefinitionUiModel object| CustomMotifDefinitionPageConst object| CustomObjectTeamMemberUiConstants object| CustomObjectTeamTemplateUiConstants object| CustomSchemaObjectDefinitionUiModel object| DashboardConstants object| DataDotComCleanConstants object| DatePickerIds object| Desktop object| DesktopSidebarComponents object| DetailElement object| DeveloperSettings object| DurationInputElement object| DynamicContent object| EditElement object| EditEventMultiUserCalendarElementConstants object| EditPageConstants object| EmailAddrEditConstants object| EmailAttachmentManagementConstants object| EmailAuthorConstants object| EmailCCBccLookupConstants object| EmailChangeVerification object| EmailRelayConstants object| EmailSyncConfigConstants undefined| EmailTaskDescriptionServlet object| TaskDescriptionServlet object| EmailTemplatePreviewConstants object| EntitySharingConstants object| EventDescriptionServlet object| EventObject object| EventPage object| EventUi object| FieldTreeConstants object| FilterEditConstants object| FilterEditPageConstants object| FilterSelectionElement object| FindSimilarOppsFilter object| ForecastRoleUser object| ForecastSettings object| ForecastSharingPrefPopup object| ForecastSummaryPage object| ForecastingDateRangeServlet object| ForecastingDisplayedTypeServlet object| ForecastingJumpToUserServlet object| ForecastingPage object| ForecastingTabPage object| ForecastingTree object| ForecastingViewingIsoServlet object| GenerateRelationshipDefaults object| GoogleDocCreator object| GoogleTalkConstants object| HTPortal object| HelpBubbleConstants object| HighlightsPanelConstants object| HolidayUi object| HomeCalendarAjaxServlet object| HoverTooltipElement object| IFrameElement object| Ideas object| InlineEditConstants object| InlineHelp object| InlineScontrolElement object| InviterLookup object| InviterLookupMatch object| JSPDispatcher object| JigsawImport object| JigsawSearch object| Kb2Id object| KnowledgeSettingsUI object| ListView object| LiveAgentAddToTranscriptSearch object| LiveAgentAutoQuery object| LiveAgentConsoleAjaxServlet object| LiveAgentConstants object| LiveAgentFindOrCreate object| LiveChatButtonConstants object| LookupInputElement object| LookupUi object| LookupValidationServlet object| LookupsUi object| MCFilterPaneParams object| MCXHRParams object| MRUAutoCompleteServlet object| MWPicker object| MacroPage object| MailmergeTemplateSelectElementConst object| ManageableInfo object| MapServletParams object| MenuButtonElement object| MobilePushServiceTest object| MotifInputElementConst object| MouseOverElement object| MultiLookupInputElement object| MultiSelectList object| MultiUserCalendar object| MyCustomObjectConstants object| NewLayoutEditor object| NonUddKeyConstants object| OrganizerPage object| PersonalSetup object| PersonalSetupConstants object| PortalStyleConfigEditorConstants object| ProfileEditConstants object| ProfileListInlineEditConstants object| QuickTextAutoCompleteServlet object| RelatedListPrioritizationServlet object| RelatedListServlet object| RelatedListSuppressionServlet object| ReportChartMetadataServlet object| ReportConstants object| ReportsFch object| RequestInfo object| RoleTreeCookieConstants object| RtaImageServlet object| RuleFilterPageConstants object| ScheduleElement object| SchedulePage object| SchedulingUtils object| SchemaBuilder object| SchemaBuilderConfig object| SearchClickLogging object| SearchRelatedList object| SearchSettingsConstants object| SeascLogRecordHandler object| SectionElement object| ServiceDeskHotkeyEditor object| ServiceDeskPage object| SessionTimeServlet object| SetupSearchElement object| SetupTreeNodeConstants object| SideTabPreferenceServlet object| SidebarConstants object| SidetabConstants object| SlaProcessUi object| SoftphoneConstants object| SoftphoneLayoutEditorConstants object| SoftphoneMatchTypeEnum object| SoftphoneScreenPopTypeEnum object| StageManager object| SuggestedTimeProvider object| SummaryFieldConstants object| SummaryLayoutEditor object| SynonymConstants object| TabOrganizerConstants object| TabSetPageConstants object| TagConstants object| TagMode object| TaskMassAction object| TaskOwnerLookup object| TaskUi object| Territory2RuleLookup object| TimePickerInputElementConstants object| Udd object| UiData object| UnifiedSearchComponents object| UnifiedSearchUI object| UserDeactivate object| UserInterfaceUI object| ViralInviteSignupConstants object| VisualforceConstants object| WhoWhatQueue object| findSimilarQueryPage object| vaSelectElementConst object| UserContext object| TWEEN function| SfdcFramework function| LC object| Mustache function| Sizzle object| Sfdc number| data-uidSfdc function| picklist function| picklistForInlineEditing function| multiPicklist function| Bitset object| SfdcApp object| NetworkTracking object| UITheme function| dpf function| apf function| jsfcljs2 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
s.vpass.jp/ | Name: CookieConsentPolicy Value: 0:1 |
|
s.vpass.jp/ | Name: LSKey-c$CookieConsentPolicy Value: 0:1 |
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Content-Security-Policy | upgrade-insecure-requests frame-ancestors 'self' |
Strict-Transport-Security | max-age=63072000; includeSubDomains |
X-Frame-Options | SAMEORIGIN |
X-Xss-Protection | 0 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
s.vpass.jp
161.71.144.16
2d0014cb0fb6642f37005633f4831b0f815848ac0f98a89a7e689e53df812ba0
4769691a04111fa88a390a1d97e5cd01ad7e8987056c33ff58e191251e20a24b
47ad727e30f58560da257bd0d08f81f6ab41c5638fdd2ec3d34cbff1435f929a
53b8500cf55ef83525c8116f540a93906ca036650613427676268fdf88477032
5830f6b53e1ea91abd5de97ef219269702f413575cfe0dd6149712d68d7d61eb
71a960580916550deaa5c80d82e0f514fcef1024fd637e3ccfbdc4bfdc4bb6e1
7da058a4e1bd6368be16eb513d108c61e9016968c859b28bc24ac2629e401773
8019a66a41ba1d00060d6068828c0d11aad28286fb8ad8ffc431943ec75fde45
aaf57ae4c06dde240cbc53fdd03be04ead91dbe33bcc425e4ffacf55be5b5186
c0ebd11abbb5de2f4c3744133b4627d31b7b9e190c8bac7a8f7bc48c21cf526f
e2caeb89b440c1260fd3105e4b1474666ee12ae51636e9464a962c9357043cb6