login.japannetbank.co.jp.szpdy.com
155.94.158.52
Malicious Activity!
Public Scan
Submission: On March 18 via manual from JP
Summary
TLS certificate: Issued by R3 on March 18th 2021. Valid for: 3 months.
This is the only time login.japannetbank.co.jp.szpdy.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Japan Net Bank (Banking)
Domain & IP information
Requests | IP Address | Autonomous System |
---|---|---|
1 | 155.94.158.52 | 8100 (ASN-QUADRANET-GLOBAL) |
10 (4 redirects) | 2.17.189.43 | 16625 (AKAMAI-AS) |
4 | 203.180.136.109 | 2497 (IIJ Internet Initiative Japan Inc.) |
1 | 2600:9000:206f:fa00:8:dcbf:c740:93a1 | 16509 (AMAZON-02) |
1 | 182.22.89.247 | 23816 (YAHOO Yahoo Japan Corporation) |
13 | 5 | |
ASN8100 (ASN-QUADRANET-GLOBAL, US)
- login.japannetbank.co.jp.szpdy.com
ASN16625 (AKAMAI-AS, US)
- PTR: a2-17-189-43.deploy.static.akamaitechnologies.com
- login.japannetbank.co.jp
ASN2497 (IIJ Internet Initiative Japan Inc., JP)
- PTR: www.japannetbank.co.jp
- sorry1.japannetbank.co.jp
ASN23816 (YAHOO Yahoo Japan Corporation, JP)
- PTR: proxy131.ytm.vip.ssk.ynwp.yahoo.co.jp
- yjtag.yahoo.co.jp
Requests | Apex Domain | Subdomains | Transfer |
---|---|---|---|
14 (4 redirects) | japannetbank.co.jp | login.japannetbank.co.jp, sorry1.japannetbank.co.jp | 110 KB |
1 | yahoo.co.jp | yjtag.yahoo.co.jp | 579 B |
1 | yjtag.jp | s.yjtag.jp | 13 KB |
1 | szpdy.com | login.japannetbank.co.jp.szpdy.com | 5 KB |
13 | 4 | | |
Requests | Domain | Requested by |
---|---|---|
10 (4 redirects) | login.japannetbank.co.jp | login.japannetbank.co.jp.szpdy.com |
4 | sorry1.japannetbank.co.jp | login.japannetbank.co.jp.szpdy.com |
1 | yjtag.yahoo.co.jp | s.yjtag.jp |
1 | s.yjtag.jp | login.japannetbank.co.jp.szpdy.com |
1 | login.japannetbank.co.jp.szpdy.com | |
13 | 5 | |
This site contains links to these domains. Also see Links.
Domain |
---|
www.japannetbank.co.jp |
help.japannetbank.co.jp |
Subject | Issuer | Validity | Valid |
---|---|---|---|
login.japannetbank.co.jp.szpdy.com | R3 | 2021-03-18 - 2021-06-16 | 3 months |
login.japannetbank.co.jp | Cybertrust Japan SureServer EV CA G3 | 2020-12-01 - 2021-12-30 | a year |
mb.japannetbank.co.jp | Cybertrust Japan SureServer EV CA G3 | 2020-12-08 - 2021-12-31 | a year |
*.tgm.yahoo-net.jp | Cybertrust Japan SureServer CA G4 | 2021-03-15 - 2022-04-14 | a year |
yjtag.yahoo.co.jp | Cybertrust Japan SureServer CA G4 | 2020-10-04 - 2021-11-04 | a year |
This page contains 1 frame:
Primary Page:
https://login.japannetbank.co.jp.szpdy.com/
Frame ID: BDBD72A85BA87EE737D08A75636BD969
Requests: 13 HTTP requests in this frame
11 Outgoing links
These are links going to different origins than the main page.
Title: [Important] Notice of the company name change to PayPay Bank and service suspension
Title: Frequently Asked Questions
Title: Japan Net Bank Home
Title: About the change of SSL certificates to the "SHA-2" method
Title: Customer Center
Title: Check items
Title: We recommend changing your login password and PIN periodically.
Title: Beware of phishing
Title: Transaction terms and conditions
Title: Privacy Policy
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 1
- https://login.japannetbank.co.jp/commontpl/css/common_smt.css?v=170921 HTTP 302
  - https://sorry1.japannetbank.co.jp/css/abc.css
- https://login.japannetbank.co.jp/commontpl/css/category/login_smt.css?v=210219 HTTP 302
  - https://sorry1.japannetbank.co.jp/css/abc.css
- https://login.japannetbank.co.jp/commontpl/css/common_pc.css HTTP 302
  - https://sorry1.japannetbank.co.jp/css/abc.css
- https://login.japannetbank.co.jp/commontpl/css/category/login_pc.css?v=201020 HTTP 302
  - https://sorry1.japannetbank.co.jp/css/abc.css
13 HTTP transactions
Method | Protocol | Resource | Path | Size | Transfer | Type | MIME-Type |
---|---|---|---|---|---|---|---|
GET | H2 | / (Primary Request) | login.japannetbank.co.jp.szpdy.com/ | 22 KB | 5 KB | Document | text/html |
GET | H/1.1 | reset.css%22 | login.japannetbank.co.jp/commontpl/css/ | 0 | 0 | Stylesheet | text/html |
GET | H/1.1 | abc.css | sorry1.japannetbank.co.jp/css/ (Redirect Chain) | 8 B | 272 B | Stylesheet | text/css |
GET | H/1.1 | abc.css | sorry1.japannetbank.co.jp/css/ (Redirect Chain) | 8 B | 272 B | Stylesheet | text/css |
GET | H/1.1 | abc.css | sorry1.japannetbank.co.jp/css/ (Redirect Chain) | 8 B | 272 B | Stylesheet | text/css |
GET | H/1.1 | abc.css | sorry1.japannetbank.co.jp/css/ (Redirect Chain) | 8 B | 272 B | Stylesheet | text/css |
GET | H/1.1 | header_logo.png | login.japannetbank.co.jp/commontpl/images/ | 5 KB | 6 KB | Image | image/png |
GET | H/1.1 | icon_caution.gif | login.japannetbank.co.jp/resource/image/common/ | 325 B | 548 B | Image | image/gif |
GET | H/1.1 | login_infotip.png | login.japannetbank.co.jp/commontpl/images/ | 6 KB | 6 KB | Image | image/png |
GET | H/1.1 | login_cash_card.png | login.japannetbank.co.jp/commontpl/images/ | 95 KB | 96 KB | Image | image/png |
GET | H/1.1 | login_img001.gif | login.japannetbank.co.jp/commontpl/images/ | 43 B | 264 B | Image | image/gif |
GET | H2 | tag.js | s.yjtag.jp/ | 37 KB | 13 KB | Script | application/javascript |
GET | H/1.1 | tag | yjtag.yahoo.co.jp/ | 0 | 579 B | Script | text/javascript |
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Japan Net Bank (Banking)
24 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
Type | Name |
---|---|
object | ontransitionrun |
object | ontransitionstart |
object | ontransitioncancel |
object | cookieStore |
function | showDirectoryPicker |
function | showOpenFilePicker |
function | showSaveFilePicker |
object | trustedTypes |
boolean | crossOriginIsolated |
string | jspName |
undefined | _bt_url_prefix |
undefined | _bt_referrer |
undefined | _bt_site |
undefined | _bt_mode |
function | bt_log |
function | bt_eval |
function | bt_parameter |
function | bt_meta |
function | bt_cookie |
function | bt_data |
function | bt_handle_exception |
function | bt_data_escaped |
object | BrightTag |
function | btServe0 |

Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.