eki-netp.com
Open in
urlscan Pro
89.43.107.206
Malicious Activity!
Public Scan
Effective URL: https://eki-netp.com/Personal/member/wb/Login/Login
Submission Tags: #phishing @ap_zenmashi Search All
Submission: On September 22 via api from FI — Scanned from FI
Summary
TLS certificate: Issued by R3 on September 21st 2022. Valid for: 3 months.
This is the only time eki-netp.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: JR East (Transportation)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
5 20 | 89.43.107.206 89.43.107.206 | 202422 (GHOST) (GHOST) | |
4 5 | 18.66.122.52 18.66.122.52 | 16509 (AMAZON-02) (AMAZON-02) | |
4 8 | 199.232.214.128 199.232.214.128 | 54113 (FASTLY) (FASTLY) | |
1 1 | 3.113.212.249 3.113.212.249 | 16509 (AMAZON-02) (AMAZON-02) | |
1 | 18.66.147.46 18.66.147.46 | 16509 (AMAZON-02) (AMAZON-02) | |
22 | 5 |
ASN202422 (GHOST, LU)
PTR: dgfdcxfb7.example.com
eki-netp.com |
ASN16509 (AMAZON-02, US)
PTR: server-18-66-122-52.fra60.r.cloudfront.net
mercari.com |
ASN16509 (AMAZON-02, US)
PTR: ec2-3-113-212-249.ap-northeast-1.compute.amazonaws.com
guest-agent.mobilus.me |
ASN16509 (AMAZON-02, US)
PTR: server-18-66-147-46.fra60.r.cloudfront.net
cdn.agent.mobilus.me |
Apex Domain Subdomains |
Transfer | |
---|---|---|
20 |
eki-netp.com
5 redirects
eki-netp.com |
623 KB |
13 |
mercari.com
8 redirects
mercari.com — Cisco Umbrella Rank: 55570 www.mercari.com — Cisco Umbrella Rank: 61357 jp.mercari.com — Cisco Umbrella Rank: 241056 |
2 KB |
2 |
mobilus.me
1 redirects
guest-agent.mobilus.me — Cisco Umbrella Rank: 749797 cdn.agent.mobilus.me — Cisco Umbrella Rank: 773843 |
88 KB |
22 | 3 |
Domain | Requested by | |
---|---|---|
20 | eki-netp.com |
5 redirects
eki-netp.com
|
5 | mercari.com |
4 redirects
eki-netp.com
|
4 | jp.mercari.com |
eki-netp.com
|
4 | www.mercari.com | 4 redirects |
1 | cdn.agent.mobilus.me |
eki-netp.com
|
1 | guest-agent.mobilus.me | 1 redirects |
22 | 6 |
This site contains links to these domains. Also see Links.
Domain |
---|
www.eki-net.com |
secure.okbiz.okwave.jp |
www.jreast.co.jp |
my.jreast.co.jp |
Subject Issuer | Validity | Valid | |
---|---|---|---|
eki-netp.com R3 |
2022-09-21 - 2022-12-20 |
3 months | crt.sh |
mercari.com Amazon |
2021-12-27 - 2023-01-24 |
a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://eki-netp.com/Personal/member/wb/Login/Login
Frame ID: 79E0A2FCFADDD76F416E8D1DB5B339F6
Requests: 21 HTTP requests in this frame
Screenshot
Page Title
えきねっと(JR東日本)|ログインPage URL History Show full URLs
-
https://eki-netp.com/
HTTP 302
https://eki-netp.com/Personal/member/wb/Login/Login Page URL
Detected technologies
jQuery (JavaScript Libraries) ExpandDetected patterns
- jquery[.-]([\d.]*\d)[^/]*\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
5 Outgoing links
These are links going to different origins than the main page.
Search URL Search Domain Scan URL
Title: えきねっとチケットレス座席指定券
Search URL Search Domain Scan URL
Title: よくあるご質問
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Title: My JR-EASTのID・パスワードをお忘れの場合(My JR-EASTサイトへ)
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://eki-netp.com/
HTTP 302
https://eki-netp.com/Personal/member/wb/Login/Login Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 12- https://eki-netp.com/personal/common/img/icon_linkblank.png HTTP 302
- https://mercari.com/jp/ HTTP 301
- https://www.mercari.com/jp/ HTTP 301
- https://jp.mercari.com/
- https://eki-netp.com/Personal/member/wb/UserCommon/GetHeaderMenuJSON?status=0&_=1663821114591 HTTP 302
- https://mercari.com/jp/
- https://eki-netp.com/top/common/img/chatbot/btn_chatbot_l_pc.png HTTP 302
- https://mercari.com/jp/ HTTP 301
- https://www.mercari.com/jp/ HTTP 301
- https://jp.mercari.com/
- https://eki-netp.com/top/common/img/chatbot/btn_chatbot_switch.svg HTTP 302
- https://mercari.com/jp/ HTTP 301
- https://www.mercari.com/jp/ HTTP 301
- https://jp.mercari.com/
- https://guest-agent.mobilus.me/web/mobi-agent-client-frame-loader.min.js?domainId=ekinet HTTP 301
- https://cdn.agent.mobilus.me/assets/script/embed/current/mobi-agent-client-frame-loader.min.js?40.1.3d4d6aa4b_2022.09.21_09.19.01
- https://eki-netp.com/personal/common/css/load_font.css HTTP 302
- https://mercari.com/jp/ HTTP 301
- https://www.mercari.com/jp/ HTTP 301
- https://jp.mercari.com/
22 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
Primary Request
Login
eki-netp.com/Personal/member/wb/Login/ Redirect Chain
|
20 KB 20 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
common.css
eki-netp.com/Personal/common/css/ |
124 KB 124 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
module.css
eki-netp.com/Personal/member/wb/css/ |
75 KB 75 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
member.css
eki-netp.com/Personal/member/wb/css/ |
20 KB 21 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
style.css
eki-netp.com/Personal/member/wb/css/ |
40 KB 40 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
top_searchparts.css
eki-netp.com/Personal/member/wb/css/ |
121 KB 121 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
jquery-3.4.1.min.js
eki-netp.com/Personal/common/js/ |
86 KB 86 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
jquery.validate.js
eki-netp.com/Personal/member/wb/js/ |
75 KB 76 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
common.js
eki-netp.com/Personal/member/wb/js/ |
31 KB 32 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
logo_ekinet.png
eki-netp.com/Personal/member/wb/img/ |
7 KB 8 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
logo_jreast.png
eki-netp.com/Personal/member/wb/img/ |
3 KB 3 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
icon_input_error.png
eki-netp.com/Personal/member/wb/img/ |
3 KB 4 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
icon_linkblank.png
eki-netp.com/Personal/member/wb/img/ |
166 B 465 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
jp.mercari.com/ Redirect Chain
|
0 0 |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headersRedirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
GetHeaderMenu.js
eki-netp.com/Personal/member/wb/js/ |
5 KB 5 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
member_footer.js
eki-netp.com/Personal/member/wb/js/ |
7 KB 7 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET |
/
mercari.com/jp/ Redirect Chain
|
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
jp.mercari.com/ Redirect Chain
|
0 0 |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headersRedirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
jp.mercari.com/ Redirect Chain
|
0 0 |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headersRedirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
mobi-agent-client-frame-loader.min.js
cdn.agent.mobilus.me/assets/script/embed/current/ Redirect Chain
|
276 KB 87 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
OPTIONS H2 |
/
mercari.com/jp/ |
0 0 |
Preflight
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
jp.mercari.com/ Redirect Chain
|
0 0 |
Stylesheet
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headersRedirect headers
|
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- mercari.com
- URL
- https://mercari.com/jp/
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: JR East (Transportation)88 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| onbeforeinput object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation function| $ function| jQuery function| submitForm function| submitForm2 function| submitFormGet function| ListSelectedChanged function| IsZenkaku function| isZenKana function| IsHankaku function| IsHankakuNum function| PasswordCK function| checkAT function| IsNumeric function| ChangeBtnEnable function| autoCheck function| specialAutoCheck function| searchInput function| searchNumberInput function| IsValid function| UserIDfilterCheck function| UserIDCK function| IsMailAddress function| CtoH function| ToDBC function| ReplaceHiraKata object| narrowdicASCII object| widedicASCII string| keyString object| narrowdicANK object| widedicANK function| CharWideNarrow function| disabledMouseWheel function| scrollFunc function| addMouseWheelEvent function| SetModelData function| PartialRefresh function| WindowClose function| ValuesNotEqualCheck function| BindInputNumberInputEvent function| SetInputNumberMaxLength object| arrCustomRequiredElements function| IsRequiredElement function| BindCustomRequiredCheck function| BindSelectItemValidatonEvent function| ElementHasValue function| BindEmailSuggestionList function| IsValidDate function| IsDateBeforeSomeday string| errorMsg string| msgTag string| msgErrorClass object| CheckLogicList object| NoErrorFocusStyleViews function| MsgCheckLogic function| SearchTargetElement function| SetErrorMessage function| SetCheckBoxFocusStyle function| PatternScriptLoaded function| SetFingerprintCookie function| TopMaterialIndexScriptLoaded function| InitElements function| HandleResponse string| path string| templateHTML_footer object| script function| ekinetChatbot object| switchChatBtn object| chatBtn function| chatbotSmall undefined| showFlug undefined| timer number| startPos number| winScrollTop object| topBtn boolean| scrollFlug undefined| fix_totalmenu_H object| __core-js_shared__ object| core object| MobiAgentClient2 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
eki-netp.com/ | Name: mercar:sid Value: s%3Ab5795995-2e4d-4ba1-b256-8f7b84c76957.civcJjUM9Yhmh07rPkRyldEewBTIlHxB3zZ9hm%2B5NUo |
|
guest-agent.mobilus.me/ | Name: AWSALBCORS Value: 02OwN5ke67yn6QSyqT2Q7JxGXj/vmxb7NymQUnM15N37obj4evcCufV3VUwDcBrlJ0qhgktPS3yizi4sqxm8hfpiQg+ffZqS3RW0qXG2ljRgnAtMzPfQpMPfFHaN |
2 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
cdn.agent.mobilus.me
eki-netp.com
guest-agent.mobilus.me
jp.mercari.com
mercari.com
www.mercari.com
mercari.com
18.66.122.52
18.66.147.46
199.232.214.128
3.113.212.249
89.43.107.206
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
09a397fded7fc6a85364dc5f6f687754d3864d3ac072331e830fc1a84ba549d4
0aa01f9264576111ed73c4ec601b89f52e497a849e079ffc236d90728bfe5bef
3f7c549cfacde11c4129c09b1908d106126d823682cc758f70fc046638d7746b
4b214c995de8e6d7c3067c57c5a380b3f51c5c53d8623f34a6e142566c8e1046
7989d4923e6686ba2adac55246f5752b308a8ea97e0a7e56c23493a2622370a4
7d6d9fa0ebf465571b9d138348db7b5e1c48d40d2af1ccd67c2e5ef54e1b805f
8535b1d400162b861c773eed1e70788c19c8f6a7700a1d2a909fb59ff464d178
8dedbd4baf911bb111f598cb63a8680d066ad3cf8f61898c34b3f7b90541fdb4
8ec8422069685c2b2ef85012308ba2e19552dac459e7f059027bb0479e45ee59
99d0ee5934ce5ffc753be2aca722db868b4698081b4b42ec9259f9dc4df65311
ba4924716ed0580ae30f974eebb97421a2c10c1e2cf61e8ad60fcd39d8fbca30
d00b36aa1a4ef7f6bc537230fbaf03cc752167312d6d27f5072b8a1606b77d0d
d5a24a94f56adf1b34053b4171f10218578fe1cab57de5e135e2bf18f268b49c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e918e110b6e7e8c5ada678baab1d10bcf4f24d149943804b0b31363ccd976b7a
f6d9c7ecf639a57d618678748df969cd24e150ba95c3611069edaa542ec95f98