login.japannetbank.co.jp.szpdy.com Open in urlscan Pro
155.94.158.52 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://login.japannetbank.co.jp.szpdy.com/
Submission: On March 18 via manual (March 18th 2021, 12:28:19 pm UTC) from JP

Summary HTTP 13 Redirects Links 11 Behaviour Indicators

Summary

This website contacted 5 IPs in 3 countries across 4 domains to perform 13 HTTP transactions. The main IP is 155.94.158.52, located in Los Angeles, United States and belongs to ASN-QUADRANET-GLOBAL, US. The main domain is login.japannetbank.co.jp.szpdy.com.
TLS certificate: Issued by R3 on March 18th 2021. Valid for: 3 months.

This is the only time login.japannetbank.co.jp.szpdy.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Japan Net Bank (Banking)

Domain & IP information

	IP Address	AS Autonomous System
1	155.94.158.52 155.94.158.52	8100 (ASN-QUADR...) (ASN-QUADRANET-GLOBAL)
4 10	2.17.189.43 2.17.189.43	16625 (AKAMAI-AS) (AKAMAI-AS)
4	203.180.136.109 203.180.136.109	2497 (IIJ Inter...) (IIJ Internet Initiative Japan Inc.)
1	2600:9000:206... 2600:9000:206f:fa00:8:dcbf:c740:93a1	16509 (AMAZON-02) (AMAZON-02)
1	182.22.89.247 182.22.89.247	23816 (YAHOO Yah...) (YAHOO Yahoo Japan Corporation)
13	5

1 155.94.158.52 (Los Angeles, United States)

ASN8100 (ASN-QUADRANET-GLOBAL, US)

login.japannetbank.co.jp.szpdy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2.17.189.43 (Frankfurt am Main, Germany) 4 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-17-189-43.deploy.static.akamaitechnologies.com

login.japannetbank.co.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 203.180.136.109 (Soka Shi, Japan)

ASN2497 (IIJ Internet Initiative Japan Inc., JP)
PTR: www.japannetbank.co.jp

sorry1.japannetbank.co.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:206f:fa00:8:dcbf:c740:93a1 (United States)

ASN16509 (AMAZON-02, US)

s.yjtag.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 182.22.89.247 (Japan)

ASN23816 (YAHOO Yahoo Japan Corporation, JP)
PTR: proxy131.ytm.vip.ssk.ynwp.yahoo.co.jp

yjtag.yahoo.co.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
14	japannetbank.co.jp 4 redirects login.japannetbank.co.jp sorry1.japannetbank.co.jp	110 KB
1	yahoo.co.jp yjtag.yahoo.co.jp	579 B
1	yjtag.jp s.yjtag.jp	13 KB
1	szpdy.com login.japannetbank.co.jp.szpdy.com	5 KB
13	4

	Domain	Requested by
10	login.japannetbank.co.jp	4 redirects login.japannetbank.co.jp.szpdy.com
4	sorry1.japannetbank.co.jp	login.japannetbank.co.jp.szpdy.com
1	yjtag.yahoo.co.jp	s.yjtag.jp
1	s.yjtag.jp	login.japannetbank.co.jp.szpdy.com
1	login.japannetbank.co.jp.szpdy.com
13	5

This site contains links to these domains. Also see Links.

Domain
www.japannetbank.co.jp
help.japannetbank.co.jp

Subject Issuer	Validity	Valid
login.japannetbank.co.jp.szpdy.com R3	`2021-03-18` - `2021-06-16`	3 months	crt.sh
login.japannetbank.co.jp Cybertrust Japan SureServer EV CA G3	`2020-12-01` - `2021-12-30`	a year	crt.sh
mb.japannetbank.co.jp Cybertrust Japan SureServer EV CA G3	`2020-12-08` - `2021-12-31`	a year	crt.sh
*.tgm.yahoo-net.jp Cybertrust Japan SureServer CA G4	`2021-03-15` - `2022-04-14`	a year	crt.sh
yjtag.yahoo.co.jp Cybertrust Japan SureServer CA G4	`2020-10-04` - `2021-11-04`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://login.japannetbank.co.jp.szpdy.com/
Frame ID: BDBD72A85BA87EE737D08A75636BD969
Requests: 13 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Page Statistics

13
Requests

100 %
HTTPS

20 %
IPv6

4
Domains

5
Subdomains

5
IPs

3
Countries

128 kB
Transfer

166 kB
Size

0
Cookies

11 Outgoing links

These are links going to different origins than the main page.

URL: https://www.japannetbank.co.jp/namechange/
Title: 【重要】PayPay銀行への社名変更・サービス停止のご案内

Search URL Search Domain Scan URL

URL: https://help.japannetbank.co.jp/hc/ja
Title: よくあるご質問

Search URL Search Domain Scan URL

URL: https://www.japannetbank.co.jp/
Title: ジャパンネット銀行　ホーム

Search URL Search Domain Scan URL

URL: https://www.japannetbank.co.jp/news/general2015/151028.html
Title: SSL証明書の「SHA-2」方式への変更について

Search URL Search Domain Scan URL

URL: https://www.japannetbank.co.jp/help/customer.html
Title: カスタマーセンター

Search URL Search Domain Scan URL

URL: https://www.japannetbank.co.jp/crime/index.html

Search URL Search Domain Scan URL

URL: https://www.japannetbank.co.jp/cn_login.html
Title: チェック項目

Search URL Search Domain Scan URL

URL: https://www.japannetbank.co.jp/security/safety/index.html
Title: ログインパスワードや暗証番号は定期的な変更をおすすめいたします。

Search URL Search Domain Scan URL

URL: https://www.japannetbank.co.jp/security/crime/prv_phsh.html
Title: フィッシングに注意

Search URL Search Domain Scan URL

URL: https://www.japannetbank.co.jp/regulation/
Title: 取引規定集

Search URL Search Domain Scan URL

URL: https://www.japannetbank.co.jp/privacy/
Title: プライバシーポリシー

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1

https://login.japannetbank.co.jp/commontpl/css/common_smt.css?v=170921 HTTP 302
https://sorry1.japannetbank.co.jp/css/abc.css

Request Chain 2

https://login.japannetbank.co.jp/commontpl/css/category/login_smt.css?v=210219 HTTP 302
https://sorry1.japannetbank.co.jp/css/abc.css

Request Chain 3

https://login.japannetbank.co.jp/commontpl/css/common_pc.css HTTP 302
https://sorry1.japannetbank.co.jp/css/abc.css

Request Chain 4

https://login.japannetbank.co.jp/commontpl/css/category/login_pc.css?v=201020 HTTP 302
https://sorry1.japannetbank.co.jp/css/abc.css

13 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
login.japannetbank.co.jp.szpdy.com/ 22 KB
5 KB 657ms
188ms Document
text/html 155.94.158.52
ASN-QUADRANET-GLOBAL

General

Check archive.org

Show headers Download Go to

Full URL: https://login.japannetbank.co.jp.szpdy.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 155.94.158.52 Los Angeles, United States, ASN8100 (ASN-QUADRANET-GLOBAL, US),
Reverse DNS
Software: Apache /
Resource Hash: e576938b04639f6e6a4a0f9f60e279c1b632ac2d71974cc645242def929b4502

Request headers

:method: GET
:authority: login.japannetbank.co.jp.szpdy.com
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 18 Mar 2021 12:27:58 GMT
server: Apache
vary: Accept-Encoding
content-encoding: gzip
content-length: 5269
content-type: text/html; charset=UTF-8

GET
H/1.1 404
Not Found reset.css%22
login.japannetbank.co.jp/commontpl/css/ 0
0 858ms
633ms Stylesheet
text/html 2.17.189.43
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://login.japannetbank.co.jp/commontpl/css/reset.css%22
Requested by: Host: login.japannetbank.co.jp.szpdy.com
URL: https://login.japannetbank.co.jp.szpdy.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2.17.189.43 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-17-189-43.deploy.static.akamaitechnologies.com
Software: /
Resource Hash

Request headers

Referer: https://login.japannetbank.co.jp.szpdy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H/1.1

200
OK

abc.css
sorry1.japannetbank.co.jp/css/
Redirect Chain

https://login.japannetbank.co.jp/commontpl/css/common_smt.css?v=170921
https://sorry1.japannetbank.co.jp/css/abc.css

8 B
272 B

1600ms
254ms

Stylesheet
text/css

203.180.136.109
IIJ Internet Init...

General

Check archive.org

Show headers Download Go to

Full URL: https://sorry1.japannetbank.co.jp/css/abc.css
Requested by: Host: login.japannetbank.co.jp.szpdy.com
URL: https://login.japannetbank.co.jp.szpdy.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 203.180.136.109 Soka Shi, Japan, ASN2497 (IIJ Internet Initiative Japan Inc., JP),
Reverse DNS: www.japannetbank.co.jp
Software: Apache /
Resource Hash: dd37b84b609288765a57fc32d97f8825c479e438923682eb829fabd622513a4a

Request headers

Referer: https://login.japannetbank.co.jp.szpdy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 18 Mar 2021 12:28:00 GMT
Last-Modified: Thu, 12 Nov 2015 04:00:00 GMT
Server: Apache
ETag: "8-5244ffa113000"
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 8

Redirect headers

Location: https://sorry1.japannetbank.co.jp/css/abc.css
Date: Thu, 18 Mar 2021 12:27:59 GMT
Server: AkamaiGHost
Connection: keep-alive
Content-Length: 0

GET
H/1.1

200
OK

abc.css
sorry1.japannetbank.co.jp/css/
Redirect Chain

https://login.japannetbank.co.jp/commontpl/css/category/login_smt.css?v=210219
https://sorry1.japannetbank.co.jp/css/abc.css

8 B
272 B

1603ms
262ms

Stylesheet
text/css

203.180.136.109
IIJ Internet Init...

General

Check archive.org

Show headers Download Go to

Full URL: https://sorry1.japannetbank.co.jp/css/abc.css
Requested by: Host: login.japannetbank.co.jp.szpdy.com
URL: https://login.japannetbank.co.jp.szpdy.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 203.180.136.109 Soka Shi, Japan, ASN2497 (IIJ Internet Initiative Japan Inc., JP),
Reverse DNS: www.japannetbank.co.jp
Software: Apache /
Resource Hash: dd37b84b609288765a57fc32d97f8825c479e438923682eb829fabd622513a4a

Request headers

Referer: https://login.japannetbank.co.jp.szpdy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 18 Mar 2021 12:28:00 GMT
Last-Modified: Thu, 12 Nov 2015 04:00:00 GMT
Server: Apache
ETag: "8-5244ffa113000"
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 8

Redirect headers

Location: https://sorry1.japannetbank.co.jp/css/abc.css
Date: Thu, 18 Mar 2021 12:27:59 GMT
Server: AkamaiGHost
Connection: keep-alive
Content-Length: 0

GET
H/1.1

200
OK

abc.css
sorry1.japannetbank.co.jp/css/
Redirect Chain

https://login.japannetbank.co.jp/commontpl/css/common_pc.css
https://sorry1.japannetbank.co.jp/css/abc.css

8 B
272 B

1605ms
263ms

Stylesheet
text/css

203.180.136.109
IIJ Internet Init...

General

Check archive.org

Show headers Download Go to

Full URL: https://sorry1.japannetbank.co.jp/css/abc.css
Requested by: Host: login.japannetbank.co.jp.szpdy.com
URL: https://login.japannetbank.co.jp.szpdy.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 203.180.136.109 Soka Shi, Japan, ASN2497 (IIJ Internet Initiative Japan Inc., JP),
Reverse DNS: www.japannetbank.co.jp
Software: Apache /
Resource Hash: dd37b84b609288765a57fc32d97f8825c479e438923682eb829fabd622513a4a

Request headers

Referer: https://login.japannetbank.co.jp.szpdy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 18 Mar 2021 12:28:00 GMT
Last-Modified: Thu, 12 Nov 2015 04:00:00 GMT
Server: Apache
ETag: "8-5244ffa113000"
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 8

Redirect headers

Location: https://sorry1.japannetbank.co.jp/css/abc.css
Date: Thu, 18 Mar 2021 12:27:59 GMT
Server: AkamaiGHost
Connection: keep-alive
Content-Length: 0

GET
H/1.1

200
OK

abc.css
sorry1.japannetbank.co.jp/css/
Redirect Chain

https://login.japannetbank.co.jp/commontpl/css/category/login_pc.css?v=201020
https://sorry1.japannetbank.co.jp/css/abc.css

8 B
272 B

1607ms
262ms

Stylesheet
text/css

203.180.136.109
IIJ Internet Init...

General

Check archive.org

Show headers Download Go to

Full URL: https://sorry1.japannetbank.co.jp/css/abc.css
Requested by: Host: login.japannetbank.co.jp.szpdy.com
URL: https://login.japannetbank.co.jp.szpdy.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 203.180.136.109 Soka Shi, Japan, ASN2497 (IIJ Internet Initiative Japan Inc., JP),
Reverse DNS: www.japannetbank.co.jp
Software: Apache /
Resource Hash: dd37b84b609288765a57fc32d97f8825c479e438923682eb829fabd622513a4a

Request headers

Referer: https://login.japannetbank.co.jp.szpdy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 18 Mar 2021 12:28:00 GMT
Last-Modified: Thu, 12 Nov 2015 04:00:00 GMT
Server: Apache
ETag: "8-5244ffa113000"
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 8

Redirect headers

Location: https://sorry1.japannetbank.co.jp/css/abc.css
Date: Thu, 18 Mar 2021 12:27:59 GMT
Server: AkamaiGHost
Connection: keep-alive
Content-Length: 0

GET
H/1.1 200
OK header_logo.png
login.japannetbank.co.jp/commontpl/images/ 5 KB
6 KB 277ms
54ms Image
image/png 2.17.189.43
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://login.japannetbank.co.jp/commontpl/images/header_logo.png
Requested by: Host: login.japannetbank.co.jp.szpdy.com
URL: https://login.japannetbank.co.jp.szpdy.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2.17.189.43 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-17-189-43.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: a1ecd92f120446b2f521a26ddc7ee48fbd93b4dbd628ed8fff6e10b54d7b141c

Request headers

Referer: https://login.japannetbank.co.jp.szpdy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 18 Mar 2021 12:27:59 GMT
Last-Modified: Tue, 03 Dec 2013 00:20:40 GMT
Connection: keep-alive
Accept-Ranges: bytes
ETag: "c8030-15ea-442ea600"
Content-Length: 5610
Content-Type: image/png

GET
H/1.1 200
OK icon_caution.gif
login.japannetbank.co.jp/resource/image/common/ 325 B
548 B 52ms
52ms Image
image/gif 2.17.189.43
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://login.japannetbank.co.jp/resource/image/common/icon_caution.gif
Requested by: Host: login.japannetbank.co.jp.szpdy.com
URL: https://login.japannetbank.co.jp.szpdy.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2.17.189.43 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-17-189-43.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 549128cdeaf7f4c28fd4ca546e60d8712d52900537faad47749cd4009a12f648

Request headers

Referer: https://login.japannetbank.co.jp.szpdy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 18 Mar 2021 12:27:59 GMT
Last-Modified: Thu, 20 Oct 2005 08:08:47 GMT
Connection: keep-alive
Accept-Ranges: bytes
ETag: "1163b5-145-10fa01c0"
Content-Length: 325
Content-Type: image/gif

GET
H/1.1 200
OK login_infotip.png
login.japannetbank.co.jp/commontpl/images/ 6 KB
6 KB 55ms
55ms Image
image/png 2.17.189.43
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://login.japannetbank.co.jp/commontpl/images/login_infotip.png
Requested by: Host: login.japannetbank.co.jp.szpdy.com
URL: https://login.japannetbank.co.jp.szpdy.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2.17.189.43 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-17-189-43.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: bf227947f730fff2ffdb22efb079a3b0db0884b02bd2368180eacdc8fcd2e5c9

Request headers

Referer: https://login.japannetbank.co.jp.szpdy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 18 Mar 2021 12:27:59 GMT
Last-Modified: Tue, 25 Jul 2017 06:00:12 GMT
Connection: keep-alive
Accept-Ranges: bytes
ETag: "10e3e3-18bc-b637300"
Content-Length: 6332
Content-Type: image/png

GET
H/1.1 200
OK login_cash_card.png
login.japannetbank.co.jp/commontpl/images/ 95 KB
96 KB 64ms
64ms Image
image/png 2.17.189.43
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://login.japannetbank.co.jp/commontpl/images/login_cash_card.png
Requested by: Host: login.japannetbank.co.jp.szpdy.com
URL: https://login.japannetbank.co.jp.szpdy.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2.17.189.43 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-17-189-43.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 39998b2c6a40c06ebe18fdea073889f8a91d63b6326b3809b77445b27231e090

Request headers

Referer: https://login.japannetbank.co.jp.szpdy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 18 Mar 2021 12:27:59 GMT
Last-Modified: Tue, 06 Nov 2018 20:24:59 GMT
Connection: keep-alive
Accept-Ranges: bytes
ETag: "128218-17db0-cbab1cc0"
Content-Length: 97712
Content-Type: image/png

GET
H/1.1 200
OK login_img001.gif
login.japannetbank.co.jp/commontpl/images/ 43 B
264 B 275ms
275ms Image
image/gif 2.17.189.43
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://login.japannetbank.co.jp/commontpl/images/login_img001.gif
Requested by: Host: login.japannetbank.co.jp.szpdy.com
URL: https://login.japannetbank.co.jp.szpdy.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2.17.189.43 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-17-189-43.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: d3005a63604dec4786aa3e3aa7620601a0f247dd87ecaaef827910e883b02783

Request headers

Referer: https://login.japannetbank.co.jp.szpdy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 18 Mar 2021 12:27:59 GMT
Last-Modified: Wed, 16 Jul 2014 02:30:27 GMT
Connection: keep-alive
Accept-Ranges: bytes
ETag: "1787b4-2b-4e9e36c0"
Content-Length: 43
Content-Type: image/gif

GET
H2 200 tag.js Show response
s.yjtag.jp/ 37 KB
13 KB 29ms
6ms Script
application/javascript 2600:9000:206f:fa00:8:dcbf:c740:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.yjtag.jp/tag.js
Requested by: Host: login.japannetbank.co.jp.szpdy.com
URL: https://login.japannetbank.co.jp.szpdy.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:fa00:8:dcbf:c740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3ea1d47e294e438851d775f2eca7352b4d03cf662e3ad9410f18bae663a380e5

Request headers

Referer: https://login.japannetbank.co.jp.szpdy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: pwVJ8CZ5CzxJk0oranYXZm0CJzsUHSFZ
content-encoding: gzip
last-modified: Mon, 09 Nov 2020 01:50:12 GMT
server: AmazonS3
age: 5431
etag: W/"830cee037cbd2937feb368104dc9a35f"
vary: Accept-Encoding
x-cache: Hit from cloudfront
p3p: CP=NOI DSP COR NID
via: 1.1 cc763905c39a59494c951c09271b0422.cloudfront.net (CloudFront)
cache-control: public, max-age=14400
date: Thu, 18 Mar 2021 10:57:28 GMT
x-amz-cf-pop: FRA56-C1
content-type: application/javascript; charset=utf-8
x-amz-cf-id: 4xt8qtFh-E684Y2hhNdPj7KNgHsK9ePD-gjKgZxcZlaNEpSusVWXcA==

GET
H/1.1 200 tag Show response
yjtag.yahoo.co.jp/ 0
579 B 992ms
336ms Script
text/javascript 182.22.89.247
YAHOO Yahoo Japan...

General

Check archive.org

Show headers Download Go to

Full URL

https://yjtag.yahoo.co.jp/tag?site=tKAulMa&referrer=https%3A%2F%2Flogin.japannetbank.co.jp.szpdy.com%2F&H=-2lvocgg

Requested by

Host: s.yjtag.jp
URL: https://s.yjtag.jp/tag.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

182.22.89.247 , Japan, ASN23816 (YAHOO Yahoo Japan Corporation, JP),

Reverse DNS

proxy131.ytm.vip.ssk.ynwp.yahoo.co.jp

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://login.japannetbank.co.jp.szpdy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
X-BT-RequestId: 61810cc0-87e5-11eb-a90b-0000ac1c48e2
X-Content-Type-Options: nosniff
Age: 0
ETag: d41d8cd98f00b204e9800998ecf8427e
P3P: policyref="http://privacy.yahoo.co.jp/w3c/p3p.xml", CP="CAO DSP COR CUR ADM DEV TAI PSA PSD IVAi IVDi CONi TELo OTPi OUR DELi SAMi OTRi UNRi PUBi IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE GOV"
Cache-Control: private, must-revalidate
Date: Thu, 18 Mar 2021 12:28:01 GMT
Connection: keep-alive
Content-Type: text/javascript
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Japan Net Bank (Banking)

24 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

login.japannetbank.co.jp
login.japannetbank.co.jp.szpdy.com
s.yjtag.jp
sorry1.japannetbank.co.jp
yjtag.yahoo.co.jp
155.94.158.52
182.22.89.247
2.17.189.43
203.180.136.109
2600:9000:206f:fa00:8:dcbf:c740:93a1
39998b2c6a40c06ebe18fdea073889f8a91d63b6326b3809b77445b27231e090
3ea1d47e294e438851d775f2eca7352b4d03cf662e3ad9410f18bae663a380e5
549128cdeaf7f4c28fd4ca546e60d8712d52900537faad47749cd4009a12f648
a1ecd92f120446b2f521a26ddc7ee48fbd93b4dbd628ed8fff6e10b54d7b141c
bf227947f730fff2ffdb22efb079a3b0db0884b02bd2368180eacdc8fcd2e5c9
d3005a63604dec4786aa3e3aa7620601a0f247dd87ecaaef827910e883b02783
dd37b84b609288765a57fc32d97f8825c479e438923682eb829fabd622513a4a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e576938b04639f6e6a4a0f9f60e279c1b632ac2d71974cc645242def929b4502

login.japannetbank.co.jp.szpdy.com Open in urlscan Pro 155.94.158.52 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

13 Requests

100 %HTTPS

20 %IPv6

4 Domains

5 Subdomains

5 IPs

3 Countries

128 kBTransfer

166 kBSize

0 Cookies

11 Outgoing links

Redirected requests

13 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

24 JavaScript Global Variables

0 Cookies

Indicators

login.japannetbank.co.jp.szpdy.com Open in urlscan Pro
155.94.158.52 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

13
Requests

100 %
HTTPS

20 %
IPv6

4
Domains

5
Subdomains

5
IPs

3
Countries

128 kB
Transfer

166 kB
Size

0
Cookies

13 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!