jpspoolservice.mycustomerconnect.com
52.34.207.165
Malicious Activity!
Public Scan
Effective URL: https://jpspoolservice.mycustomerconnect.com/fonts/webmail.jp/index.html?055abb8875177c488d34befbc54f4a14=055abb8875177c488d34befbc54f4a14&05...
Submission: On June 12 via manual from US
Summary
TLS certificate: Issued by Trustwave Organization Validation SHA... on June 25th 2019. Valid for: a year.
This is the only time jpspoolservice.mycustomerconnect.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Generic Email (Online), DoCANVAS (Telecommunication)
Domain & IP information

| Requests | IP Address | AS (Autonomous System) |
|---|---|---|
| 1 | 13.89.172.4 | 8075 (MICROSOFT-CORP-MSN-AS-BLOCK) |
| 13 | 52.34.207.165 | 16509 (AMAZON-02) |
| 10 | 219.118.67.181 | 2514 (INFOSPHERE NTT PC Communications) |
| 24 | 3 | |

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
- mail-jp.azurewebsites.net

ASN16509 (AMAZON-02, US)
- PTR: ec2-52-34-207-165.us-west-2.compute.amazonaws.com
- jpspoolservice.mycustomerconnect.com
| Requests | Apex Domain | Subdomains | Transfer |
|---|---|---|---|
| 13 | mycustomerconnect.com | jpspoolservice.mycustomerconnect.com | 10 KB |
| 10 | kkcatv.jp | webmail.kkcatv.jp | 171 KB |
| 1 | azurewebsites.net | mail-jp.azurewebsites.net | 438 B |
| 24 | 3 | | |
| Requests | Domain | Requested by |
|---|---|---|
| 13 | jpspoolservice.mycustomerconnect.com | mail-jp.azurewebsites.net, jpspoolservice.mycustomerconnect.com |
| 10 | webmail.kkcatv.jp | jpspoolservice.mycustomerconnect.com |
| 1 | mail-jp.azurewebsites.net | |
| 24 | 3 | |
This site contains no links.
| Subject | Issuer | Validity | Valid | Source |
|---|---|---|---|---|
| *.azurewebsites.net | Microsoft IT TLS CA 5 | 2019-09-24 - 2021-09-24 | 2 years | crt.sh |
| *.mycustomerconnect.com | Trustwave Organization Validation SHA256 CA, Level 1 | 2019-06-25 - 2020-07-02 | a year | crt.sh |
| *.kkcatv.jp | GeoTrust RSA CA 2018 | 2018-12-17 - 2020-12-16 | 2 years | crt.sh |
This page contains 1 frames:
Primary Page:
https://jpspoolservice.mycustomerconnect.com/fonts/webmail.jp/index.html?055abb8875177c488d34befbc54f4a14=055abb8875177c488d34befbc54f4a14&055abb8875177c488d34befbc54f4a14055abb8875177c488d34befbc54f4a14&_user=&055abb8875177c488d34befbc54f4a14
Frame ID: 5596D2739D4D34CAC846DA33851F94A6
Requests: 24 HTTP requests in this frame
Detected technologies

- PHP (Programming Languages). Detected patterns:
  - url `/\.php(?:$|\?)/i`
- Apache (Web Servers). Detected patterns:
  - headers server `/(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i`
- jQuery (JavaScript Libraries). Detected patterns:
  - script `/jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i`
  - script `/jquery-ui[.-]([\d.]*\d)[^/]*\.js/i`
  - script `/jquery-ui.*\.js/i`
- jQuery UI (JavaScript Libraries). Detected patterns:
  - script `/jquery-ui[.-]([\d.]*\d)[^/]*\.js/i`
  - script `/jquery-ui.*\.js/i`
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- https://mail-jp.azurewebsites.net/index2.php Page URL
- https://jpspoolservice.mycustomerconnect.com/fonts/webmail.jp/index.html?055abb8875177c488d34befbc54f4a14=055abb8875177c488d34befbc54f4a14&055abb8875177c488d34befbc54f4a14055abb8875177c488d34befbc54f4a14&_user=&055abb8875177c488d34befbc54f4a14 Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
24 HTTP transactions

| Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type |
|---|---|---|---|---|---|---|---|
| GET | H/1.1 | index2.php | mail-jp.azurewebsites.net/ | 413 B | 438 B | Document | text/html |
| GET | H/1.1 | index.html (Primary Request) | jpspoolservice.mycustomerconnect.com/fonts/webmail.jp/ | 5 KB | 5 KB | Document | text/html |
| GET | H/1.1 | common.min.css | webmail.kkcatv.jp/skins/classic/ | 14 KB | 4 KB | Stylesheet | text/css |
| GET | H/1.1 | jquery-ui-1.9.2.custom.css | webmail.kkcatv.jp/plugins/jqueryui/themes/classic/ | 34 KB | 6 KB | Stylesheet | text/css |
| GET | H/1.1 | jquery.min.js | webmail.kkcatv.jp/program/js/ | 94 KB | 33 KB | Script | application/javascript |
| GET | H/1.1 | common.min.js | webmail.kkcatv.jp/program/js/ | 13 KB | 4 KB | Script | application/javascript |
| GET | H/1.1 | app.min.js | webmail.kkcatv.jp/program/js/ | 248 KB | 58 KB | Script | application/javascript |
| GET | H/1.1 | jstz.min.js | webmail.kkcatv.jp/program/js/ | 5 KB | 2 KB | Script | application/javascript |
| GET | H/1.1 | jquery-ui-1.9.2.custom.min.js | webmail.kkcatv.jp/plugins/jqueryui/js/ | 231 KB | 61 KB | Script | application/javascript |
| GET | H/1.1 | no-logo.png | webmail.kkcatv.jp/skins/default//images/ | 182 B | 488 B | Image | image/png |
| GET | H/1.1 | listheader.gif | webmail.kkcatv.jp/skins/classic/images/ | 314 B | 621 B | Image | image/gif |
| GET | H/1.1 | bg.gif | webmail.kkcatv.jp/skins/classic/images/buttons/ | 196 B | 502 B | Image | image/gif |
| GET | H/1.1 | folders.png | jpspoolservice.mycustomerconnect.com/fonts/webmail.jp/skins/classic/images/icons/ | 372 B | 372 B | Image | text/html |
| GET | H/1.1 | mail_footer.png | jpspoolservice.mycustomerconnect.com/fonts/webmail.jp/skins/classic/images/ | 370 B | 370 B | Image | text/html |
| GET | H/1.1 | taskicons.gif | jpspoolservice.mycustomerconnect.com/fonts/webmail.jp/skins/classic/images/ | 368 B | 368 B | Image | text/html |
| GET | H/1.1 | loading.gif | jpspoolservice.mycustomerconnect.com/fonts/webmail.jp/skins/classic/images/display/ | 374 B | 374 B | Image | text/html |
| GET | H/1.1 | pagenav.gif | jpspoolservice.mycustomerconnect.com/fonts/webmail.jp/skins/classic/images/ | 366 B | 366 B | Image | text/html |
| GET | H/1.1 | mail_toolbar.png | jpspoolservice.mycustomerconnect.com/fonts/webmail.jp/skins/classic/images/ | 371 B | 371 B | Image | text/html |
| GET | H/1.1 | searchfield.gif | jpspoolservice.mycustomerconnect.com/fonts/webmail.jp/skins/classic/images/ | 370 B | 370 B | Image | text/html |
| GET | H/1.1 | messageicons.png | jpspoolservice.mycustomerconnect.com/fonts/webmail.jp/skins/classic/images/ | 371 B | 371 B | Image | text/html |
| GET | H/1.1 | reset.gif | jpspoolservice.mycustomerconnect.com/fonts/webmail.jp/skins/classic/images/icons/ | 370 B | 370 B | Image | text/html |
| GET | H/1.1 | abook_toolbar.png | jpspoolservice.mycustomerconnect.com/fonts/webmail.jp/skins/classic/images/ | 372 B | 372 B | Image | text/html |
| GET | H/1.1 | groupactions.png | jpspoolservice.mycustomerconnect.com/fonts/webmail.jp/skins/classic/images/icons/ | 377 B | 377 B | Image | text/html |
| GET | H/1.1 | watermark.gif | jpspoolservice.mycustomerconnect.com/fonts/webmail.jp/skins/classic/images/ | 368 B | 368 B | Image | text/html |
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Generic Email (Online), DoCANVAS (Telecommunication)
28 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

| Type | Name |
|---|---|
| object | onformdata |
| object | onpointerrawupdate |
| function | $ |
| function | jQuery |
| number | CONTROL_KEY |
| number | SHIFT_KEY |
| number | CONTROL_SHIFT_KEY |
| function | roundcube_browser |
| object | rcube_event |
| function | rcube_event_engine |
| function | rcube_check_email |
| function | rcube_clone_object |
| function | urlencode |
| function | rcube_find_object |
| function | rcube_mouse_is_over |
| function | setCookie |
| function | getCookie |
| function | rcube_console |
| object | bw |
| object | Base64 |
| function | rcube_webmail |
| object | jstz |
| object | rcmail |
| object | jQuery111005654899145137087 |
| function | DP_jQuery_1591995554813 |
| object | url |
| string | c |
| object | img0 |

Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
1 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
| Source | Level | URL | Text |
|---|---|---|---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
jpspoolservice.mycustomerconnect.com
mail-jp.azurewebsites.net
webmail.kkcatv.jp
13.89.172.4
219.118.67.181
52.34.207.165
1759f5dbb4f622915ffd52e723c91a9d29c85b6a22bf242e4d54b83cdacea1d2
1ea9dad3602d77369e7aaded77c6808cc9385b971a380f9c93e47465933eadd5
218cad3ccb71666790fc8155586e5c2444f23c924ba2c739e68a31ec266f421e
4cbb138f810bdde4e309dc7b9e6d3d09510f7df1e139d95666253c43f16708d0
581d7ca4ed46235b1b20393209eea721cc12937269a882e5a0299215cbf793c1
5a228f0710abb9142842fb92fcfadc3e636c517f09422b903cda936cce5dff0a
746e54e89161118a67bd59103c4ab55e3060735cc85c1d047c2cf04d4b12043d
7b902b041c9d374bec0476422b7a3f7e27f546e371e962e45e4cebe1c482a91b
9ce2667dcb113b884cdfa18fc23c67aebda17458891c308761a6fa239f6bf575
a6e07a76ec1783fa22a9e5fd6fcc2916af01eb7b8acd73462b2f22cb1c526010
a6eaf994e7a16aa9b5c156b2e4a96adae87f06c5237c60e559863ace8ac9b02d
b07c6db6107f3140db715ce545e2a03f4a6c5da9cee98b216de028db016f340d
b5a7eca96e3f59baca867b87c393788cf3814edccfe993e2d5b3e5ba762a7280
c328016f37b0f5e585d7207d40e0da902267604de00eb50ab8c2b720f5e5018a
c4bf1e11b7413f891400f52eff4c5427e812350c5284fb8a5855a00ebd9e80ea
c56a511852f8b97f8631972301f6dcb86094a150ede45671903628819b6f02ae
ccd27eac3ac3c03423db8f8be358885632fa42a54bae3c35015c11cd3ea39c80
cf8e517f37fafd1177b366b0b39d616c71bcee9fec89ae17f6108dca319de1a0
d4dcc517ff489d115f51cf306755611d1e2055e16d9f5bce3ee18584d32a7da6
d9f27a7522c5884c4a12fda2bb5415696e1cc496d578097a0ffb2439adea7a0d
dd5186fc9835187f2cebd23927d293e122357518277870f7123b1c2968f1d121
e9e84083fbf17e7eaa282751dc0ffaa1bd0a9ae75bf7d4e2bfc2afb6cbedb365
f672b7ca18ae0e12d1e01cf31be2daa4cd65733b8a5471eedd2ac939b150d4f9
fee5a30ddc52ae26830d5e5c91ad1e765f8cfd3f00c093ba9bc804683ee8fa64