dzl.baidu.com
111.206.223.136
Malicious Activity!
Public Scan
Effective URL: http://dzl.baidu.com/iebar/iebardnserror.html?q=http%3A%2F%2Fwww.my.japanpost-sp.jp%2F
Submission: On September 20 via manual from JP
Summary
This is the only time dzl.baidu.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Japan Post (Transportation)
Domain & IP information
Requests | IP Address | AS (Autonomous System)
---|---|---
13 | 63.250.33.95 | 22612 (NAMECHEAP-NET - Namecheap)
2 | 104.27.175.113 | 13335 (CLOUDFLARENET - Cloudflare)
17 | 111.206.223.136 | 4808 (CHINA169-BJ China Unicom Beijing Province Network)
1 | 180.101.212.39 | 4134 (CHINANET-BACKBONE No.31)
8 | 112.80.248.165 | 4837 (CHINA169-BACKBONE CHINA UNICOM China169 Backbone)
44 | 6 |
ASN4808 (CHINA169-BJ China Unicom Beijing Province Network, CN): dzl.baidu.com
ASN4837 (CHINA169-BACKBONE CHINA UNICOM China169 Backbone, CN): bar.baidu.com
Requests | Apex Domain | Subdomains | Transfer
---|---|---|---
26 | baidu.com | dzl.baidu.com, img.baidu.com, bar.baidu.com, top.baidu.com (Failed) | 291 KB
13 | japanpost-sp.jp | my.japanpost-sp.jp | 226 KB
2 | 5uu8.com | sslcode.5uu8.com | 6 KB
44 | 3 | |
Requests | Domain | Requested by
---|---|---
17 | dzl.baidu.com | my.japanpost-sp.jp, dzl.baidu.com, img.baidu.com
13 | my.japanpost-sp.jp | my.japanpost-sp.jp
8 | bar.baidu.com | dzl.baidu.com
2 | sslcode.5uu8.com | my.japanpost-sp.jp, sslcode.5uu8.com
1 | img.baidu.com | dzl.baidu.com
0 | top.baidu.com (Failed) | dzl.baidu.com
44 | 6 |
This site contains links to these domains. Also see Links.
Domain |
---|
news.baidu.com |
www.baidu.com |
tieba.baidu.com |
zhidao.baidu.com |
music.baidu.com |
image.baidu.com |
video.baidu.com |
map.baidu.com |
top.baidu.com |
bar.baidu.com |
Subject | Issuer | Validity | Valid
---|---|---|---
my.japanpost-sp.jp | Let's Encrypt Authority X3 | 2019-09-20 - 2019-12-19 | 3 months
sni.cloudflaressl.com | CloudFlare Inc ECC CA-2 | 2019-07-07 - 2020-07-06 | a year
This page contains 2 frames:
Primary Page:
http://dzl.baidu.com/iebar/iebardnserror.html?q=http%3A%2F%2Fwww.my.japanpost-sp.jp%2F
Frame ID: C538DE0CA6F708801F8004AC8493372B
Requests: 35 HTTP requests in this frame
Frame:
http://dzl.baidu.com/iebar/dnsError/spreadPage/index.html
Frame ID: 0ADF476F6AF953EF8072509CDB8E4A2F
Requests: 9 HTTP requests in this frame
Detected technologies
Apache (Web Servers)
Detected patterns
- headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|\b)HTTPD)/i
jQuery (JavaScript Libraries)
Detected patterns
- script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i
Page Statistics
19 Outgoing links
These are links going to different origins than the main page.
- 新闻 (News)
- 网页 (Web)
- 贴吧 (Tieba)
- 知道 (Zhidao)
- 音乐 (Music)
- 图片 (Images)
- 视频 (Video)
- 地图 (Maps)
- 更多 (More)
- 更多>> (More>>)
- 更多>> (More>>)
- 更多>> (More>>)
- 电影 (Movies)
- 电视剧 (TV series)
- 小说 (Novels)
- 动漫 (Anime)
- 百度搜索风云榜 (Baidu Search Trending Chart)
- 使用帮助 (Help)
- 关于此出错页面 (About this error page)
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- https://my.japanpost-sp.jp/ Page URL
- http://dzl.baidu.com/iebar/iebardnserror.html?q=http%3A%2F%2Fwww.my.japanpost-sp.jp%2F Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
44 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type | Note
---|---|---|---|---|---|---|---|---
GET | H2 | / | my.japanpost-sp.jp/ | 10 KB | 4 KB | Document | text/html |
GET | H2 | dgCJbase.css | my.japanpost-sp.jp/static/yahulogin/ | 160 KB | 25 KB | Stylesheet | text/css |
GET | H2 | jquery.js | my.japanpost-sp.jp/static/yahulogin/ | 90 KB | 32 KB | Script | application/javascript |
GET | H2 | mjl.js | my.japanpost-sp.jp/static/yahulogin/ | 37 KB | 12 KB | Script | application/javascript |
GET | H2 | heightLine.js | my.japanpost-sp.jp/static/yahulogin/ | 4 KB | 1 KB | Script | application/javascript |
GET | H2 | run.js | my.japanpost-sp.jp/static/yahulogin/ | 65 KB | 12 KB | Script | application/javascript |
GET | H2 | dgbjRequestControllerP01.js | my.japanpost-sp.jp/static/yahulogin/ | 18 KB | 5 KB | Script | application/javascript |
GET | H2 | rh.js | my.japanpost-sp.jp/static/yahulogin/ | 30 KB | 13 KB | Script | application/javascript |
GET | H2 | rsa.js | my.japanpost-sp.jp/static/yahulogin/ | 36 KB | 11 KB | Script | application/javascript |
GET | H2 | DFCJheader_img_01.jpg | my.japanpost-sp.jp/static/yahulogin/ | 34 KB | 34 KB | Image | image/jpeg |
GET | H2 | DFCJdirect_img_01.jpg | my.japanpost-sp.jp/static/yahulogin/ | 25 KB | 25 KB | Image | image/jpeg |
GET | H2 | DFCJfooter_img_01.jpg | my.japanpost-sp.jp/static/yahulogin/ | 24 KB | 25 KB | Image | image/jpeg |
GET | H2 | DFCJfooter_img_02.jpg | my.japanpost-sp.jp/static/yahulogin/ | 28 KB | 28 KB | Image | image/jpeg |
GET | H2 | ip_7117.js | sslcode.5uu8.com/ip/ | 1 KB | 1 KB | Script | application/javascript |
GET | H2 | ipchk_7117_68747470733A2F2F6D792E6A6170616E706F73742D73702E6A702F_null_z2i00_2824.js | sslcode.5uu8.com/ip/ | 9 KB | 5 KB | Script | application/javascript |
GET | H/1.1 | iebardnserror.html | dzl.baidu.com/iebar/ | 19 KB | 6 KB | Document | text/html | Primary Request
GET | H/1.1 | jquery.js | dzl.baidu.com/iebar/dnsError/js/ | 91 KB | 33 KB | Script | application/javascript |
GET | H/1.1 | main.js | dzl.baidu.com/iebar/dnsError/spreadPage/js/ | 1 KB | 651 B | Script | application/javascript |
GET | H/1.1 | config.js | dzl.baidu.com/iebar/dnsError/js/ | 172 B | 520 B | Script | application/javascript |
GET | H/1.1 | search.js | dzl.baidu.com/iebar/dnsError/js/ | 1 KB | 957 B | Script | application/javascript |
GET | H/1.1 | fengyun_datas.js | dzl.baidu.com/iebar/dnsError/js/ | 3 KB | 2 KB | Script | application/javascript |
GET | H/1.1 | index.html | dzl.baidu.com/iebar/dnsError/spreadPage/ | 4 KB | 4 KB | Document | text/html | Frame 0ADF
GET | H/1.1 | baidu_sylogo.png | dzl.baidu.com/iebar/dnsError/images/ | 5 KB | 5 KB | Image | image/png |
GET | H/1.1 | error_2012_12_24.png | dzl.baidu.com/iebar/dnsError/images/ | 607 B | 888 B | Image | image/png |
GET | H/1.1 | poster-bg.gif | dzl.baidu.com/iebar/dnsError/images/ | 3 KB | 3 KB | Image | image/gif |
GET | H/1.1 | thinkpad.gif | dzl.baidu.com/iebar/dnsError/images/ | 120 KB | 121 KB | Image | image/gif |
GET | H/1.1 | jquery.js | dzl.baidu.com/iebar/dnsError/spreadPage/js/ | 91 KB | 33 KB | Script | application/javascript | Frame 0ADF
GET | H/1.1 | tangram-base-1.5.2.js | img.baidu.com/js/ | 82 KB | 27 KB | Script | text/javascript | Frame 0ADF
GET | H/1.1 | SchAIM-mini.js | dzl.baidu.com/iebar/dnsError/spreadPage/js/ | 8 KB | 3 KB | Script | application/javascript | Frame 0ADF
GET | H/1.1 | config.js | dzl.baidu.com/iebar/dnsError/spreadPage/js/ | 846 B | 881 B | Script | application/javascript | Frame 0ADF
GET | H/1.1 | init.js | dzl.baidu.com/iebar/dnsError/spreadPage/js/ | 4 KB | 2 KB | Script | application/javascript | Frame 0ADF
GET | H/1.1 | spreadPage_show.html | bar.baidu.com/log/ | 0 | 0 | Image | text/html | Frame 0ADF
GET | H/1.1 | config.js | dzl.baidu.com/iebar/dnsError/spreadPage/js/ | 846 B | 881 B | Script | application/javascript | Frame 0ADF
GET | H/1.1 | qixiangju.jpg | dzl.baidu.com/iebar/dnsError/spreadPage/pic/ | 47 KB | 47 KB | Image | image/jpeg | Frame 0ADF
POST | | gen_json | top.baidu.com/ | 0 | 0 | | |
POST | | gen_json | top.baidu.com/ | 0 | 0 | | |
POST | | gen_json | top.baidu.com/ | 0 | 0 | | |
GET | H/1.1 | top_xml_p.php | bar.baidu.com/fengyun/ | 0 | 0 | Script | text/html |
GET | H/1.1 | top_xml_p.php | bar.baidu.com/fengyun/ | 0 | 0 | Script | text/html |
GET | H/1.1 | top_xml_p.php | bar.baidu.com/fengyun/ | 0 | 0 | Script | text/html |
GET | H/1.1 | top_xml_p.php | bar.baidu.com/fengyun/ | 0 | 0 | Script | text/html |
GET | H/1.1 | top_xml_p.php | bar.baidu.com/fengyun/ | 0 | 0 | Script | text/html |
GET | H/1.1 | top_xml_p.php | bar.baidu.com/fengyun/ | 0 | 0 | Script | text/html |
GET | H/1.1 | top_xml_p.php | bar.baidu.com/fengyun/ | 0 | 0 | Script | text/html |
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
Domain | URL
---|---
top.baidu.com | http://top.baidu.com/gen_json?b=1
top.baidu.com | http://top.baidu.com/gen_json?b=42
top.baidu.com | http://top.baidu.com/gen_json?b=2
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Japan Post (Transportation)
55 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
Name | Type
---|---
onformdata | object
onpointerrawupdate | object
$ | function
jQuery | function
sliderPic | object
g | function
trim | function
execSearching | function
isFocus | function
openPage | function
getBrowser | function
UrlDecode | function
QueryString | function
checkvalue | number
SelectSearchType | function
GoAction | function
moves | function
over | function
out | function
log | string
win | object
ule | object
imgs | object
con_n | object
num | object
index | number
TimeR | undefined
_rolling | object
kw | string
q | string
re | undefined
strReg | undefined
key | undefined
domain | undefined
txt | undefined
back | undefined
tn_Value | undefined
bar_Value | undefined
ASBar | undefined
searchFor | undefined
changeHref | function
isFirefox | boolean
isSafari | boolean
links | object
getData | function
echoData | function
doReport | function
StringtoXML | function
jQuery18302896031781287429_1568955935193 | function
jQuery18302896031781287429_1568955935194 | function
jQuery18302896031781287429_1568955935195 | function
jQuery18302896031781287429_1568955935196 | function
jQuery18302896031781287429_1568955935197 | function
jQuery18302896031781287429_1568955935198 | function
jQuery18302896031781287429_1568955935199 | function
0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
bar.baidu.com
dzl.baidu.com
img.baidu.com
my.japanpost-sp.jp
sslcode.5uu8.com
top.baidu.com
104.27.175.113
111.206.223.136
112.80.248.165
180.101.212.39
63.250.33.95