jtmu0.com Open in urlscan Pro
104.21.61.13 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://jtmu0.com/
Effective URL:
https://jtmu0.com/info.php
Submission: On March 17 via manual (March 17th 2023, 4:37:11 am UTC) from JP — Scanned from JP

Summary HTTP 12 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 1 IPs in 1 countries across 1 domains to perform 12 HTTP transactions. The main IP is 104.21.61.13, located in and belongs to CLOUDFLARENET, US. The main domain is jtmu0.com.
TLS certificate: Issued by GTS CA 1P5 on March 16th 2023. Valid for: 3 months.

This is the only time jtmu0.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Yamato Transport (Transportation)

Domain & IP information

	IP Address		AS Autonomous System
1 13	104.21.61.13 104.21.61.13		13335 (CLOUDFLAR...) (CLOUDFLARENET)
12	1

13 104.21.61.13 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

jtmu0.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
13	jtmu0.com 1 redirects jtmu0.com	90 KB
12	1

	Domain	Requested by
13	jtmu0.com	1 redirects jtmu0.com
12	1

This site contains links to these domains. Also see Links.

Domain
faq.kuronekoyamato.co.jp

Subject Issuer	Validity	Valid
*.jtmu0.com GTS CA 1P5	`2023-03-16` - `2023-06-14`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://jtmu0.com/info.php
Frame ID: 74331CCB041393BBA69122B44BA6946B
Requests: 9 HTTP requests in this frame

Frame: https://jtmu0.com/cdn-cgi/challenge-platform/h/g/scripts/alpha/invisible.js?ts=1679025600
Frame ID: AB3A3CF5E9B6491AFCB31564D355E850
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

荷物お問い合わせシステム

Page URL History Show full URLs

https://jtmu0.com/ HTTP 302
https://jtmu0.com/info.php Page URL

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

\.php(?:$|\?)

Page Statistics

12
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

89 kB
Transfer

151 kB
Size

2
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://faq.kuronekoyamato.co.jp/
Title: よくある質問

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://jtmu0.com/ HTTP 302
https://jtmu0.com/info.php Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

12 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request info.php Show response jtmu0.com/ Redirect Chain https://jtmu0.com/ https://jtmu0.com/info.php	13 KB 5 KB	142ms 141ms	Document text/html	104.21.61.13 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://jtmu0.com/info.php Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.21.61.13 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `177d44ff4c8947cc6616e70876226ee100e472273ab3e8a65741e53e53137438` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 accept-language jp-JP,jp;q=0.9 Response headers alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 cache-control no-store, no-cache, must-revalidate cf-cache-status DYNAMIC cf-ray 7a9289e79f3fe03d-NRT content-encoding br content-type text/html;charset=utf-8 date Fri, 17 Mar 2023 04:37:05 GMT expires Thu, 19 Nov 1981 08:52:00 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} pragma no-cache report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FXl1phsDTnfUrG4Vu6ObO7rmhu1kC9K1nMsJenx8295qtrE2xnqXMwQuyQ%2FZ6yRcyUd4VnnESzDWXRtSg1OTxXlH8%2Fd1On%2BYLubNUOdrGhuHI1g8AJhFrOjPDS4%3D"}],"group":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding Redirect headers alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 cache-control no-store, no-cache, must-revalidate cf-cache-status DYNAMIC cf-ray 7a9289dee806e03d-NRT content-type text/html; charset=UTF-8 date Fri, 17 Mar 2023 04:37:05 GMT expires Thu, 19 Nov 1981 08:52:00 GMT location ./info.php nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} pragma no-cache report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=L%2B93f5pLJWmOLbYIvXBaGoxhA27uPaNXolmWbdXsHQGtgX6iMte5w76JjGtm9wcfqaP32hYkeRRdwXwlknzYnZ4UWo6C%2FPqPLvWgifzbMd3eKTVw9uR53qtLdRI%3D"}],"group":"cf-nel","max_age":604800} server cloudflare
GET H2	200	style.css jtmu0.com/css/	45 KB 7 KB	28ms 28ms	Stylesheet text/css	104.21.61.13 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://jtmu0.com/css/style.css Requested by Host: jtmu0.com URL: https://jtmu0.com/info.php Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.21.61.13 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `943ceefa11b26321d787c9f77d0dae3b8b8404dea09b3716f99c08974674eab5` Request headers accept-language jp-JP,jp;q=0.9 Referer https://jtmu0.com/info.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers date Fri, 17 Mar 2023 04:37:06 GMT content-encoding br cf-cache-status HIT last-modified Mon, 23 May 2022 19:27:30 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 4336 etag W/"b53f-5dfb2d4becc80-gzip" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FrWYdzg24wFILBZ6NPewyC%2BIRtWm2LUgusc1K6FuWqStmZ6HPaU6EQZR58BSaA3lC9VtmrzWqkuhop%2FyPz8Z8DPVJdl4PSzlorynVP2MXEaLOetVN1iwV08rjgA%3D"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=14400 cf-ray 7a9289e8780fe03d-NRT alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H2	200	logo.png jtmu0.com/image/	3 KB 4 KB	32ms 32ms	Image image/png	104.21.61.13 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://jtmu0.com/image/logo.png Requested by Host: jtmu0.com URL: https://jtmu0.com/info.php Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.21.61.13 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `2594c084948733af513aa6064e08903964281bc4079e59a6422de3814884b053` Request headers accept-language jp-JP,jp;q=0.9 Referer https://jtmu0.com/info.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers date Fri, 17 Mar 2023 04:37:06 GMT cf-cache-status HIT last-modified Mon, 23 May 2022 19:27:32 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 4335 etag "dff-5dfb2d4dd5100" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RG3WV2Y6UAz8pIqohUSQk3CLSR5y8Mu%2BIjEdiBCGqCYLQBT%2BSomAOAGGMjjwKSBmaEXU7cUauZh3dE5LJ1Ad%2BMFVxH4CKQAKsLlIefivoMPrfRua81wuXOYmfLc%3D"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=14400 accept-ranges bytes cf-ray 7a9289e87810e03d-NRT alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 3583
GET H2	200	logo-jitbox.png jtmu0.com/image/	10 KB 10 KB	28ms 28ms	Image image/png	104.21.61.13 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://jtmu0.com/image/logo-jitbox.png Requested by Host: jtmu0.com URL: https://jtmu0.com/info.php Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.21.61.13 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `fa88ab24a7241ee4cc6923d9969f3d27096a672e6bb87d85b9f33e1a02ca4b10` Request headers accept-language jp-JP,jp;q=0.9 Referer https://jtmu0.com/info.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers date Fri, 17 Mar 2023 04:37:06 GMT cf-cache-status HIT last-modified Mon, 23 May 2022 19:27:32 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 4335 etag "2684-5dfb2d4dd5100" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Uz9R1YVsJuvnyHn0W3RDEt%2F6Nw5owLTUtR90iHBrgcEUSYK709mQCPQv6Ysde%2FSFdlR%2FEhFhW2fj7UFfltFr7%2BnNsd8NZ%2FGE4HuDHeZkx1KxV%2BdZDPu%2F5g2DpZg%3D"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=14400 accept-ranges bytes cf-ray 7a9289e8a836e03d-NRT alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 9860
GET H2	200	com_logo.png jtmu0.com/image/	15 KB 15 KB	44ms 43ms	Image image/png	104.21.61.13 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://jtmu0.com/image/com_logo.png Requested by Host: jtmu0.com URL: https://jtmu0.com/info.php Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.21.61.13 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `702be8c20ee12eafc6a24f4ad278330b5ed9d500cb3542d019ae890dbd78093b` Request headers accept-language jp-JP,jp;q=0.9 Referer https://jtmu0.com/info.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers date Fri, 17 Mar 2023 04:37:06 GMT cf-cache-status HIT last-modified Mon, 23 May 2022 19:27:32 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 4335 etag "3b3b-5dfb2d4dd5100" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6qFqIad3CuDaHhO9%2FIuGhFnmANYiN93b49OeMREMZedkloLlEQwf8JqJxprOn0DOFId0mn2G%2BNwOADsnptclCG6CR01lTdI9ckb%2BIyx7I03pSI8jFQzauk2SzVM%3D"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=14400 accept-ranges bytes cf-ray 7a9289e8c848e03d-NRT alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 15163
GET H2	200	com_sns_ic05.png jtmu0.com/image/	8 KB 8 KB	45ms 44ms	Image image/png	104.21.61.13 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://jtmu0.com/image/com_sns_ic05.png Requested by Host: jtmu0.com URL: https://jtmu0.com/info.php Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.21.61.13 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `43178d623716da66afa896e9a43ec859f807494ce22331de996744006949a368` Request headers accept-language jp-JP,jp;q=0.9 Referer https://jtmu0.com/info.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers date Fri, 17 Mar 2023 04:37:06 GMT cf-cache-status HIT last-modified Mon, 23 May 2022 19:27:32 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 4335 etag "1f8a-5dfb2d4dd5100" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B%2BzAi3D8MuzPciidCVAEeZ6sVgxGMCWGwcYA6wglAdNZ7NeinjTwFJO5g6hWG0MCMc%2B3mgZJ9YqVQcrIB3Q1HiOO16kt8XyZoajY22zf47Mczhvn1UGQicLvQLc%3D"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=14400 accept-ranges bytes cf-ray 7a9289e8c84be03d-NRT alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 8074
GET H2	200	com_sns_ic02.png jtmu0.com/image/	14 KB 14 KB	42ms 42ms	Image image/png	104.21.61.13 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://jtmu0.com/image/com_sns_ic02.png Requested by Host: jtmu0.com URL: https://jtmu0.com/info.php Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.21.61.13 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `0efe90ec10b6a4157a6fa596b16164861e20a2d8cdf2443806a1a71bcd19bc8d` Request headers accept-language jp-JP,jp;q=0.9 Referer https://jtmu0.com/info.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers date Fri, 17 Mar 2023 04:37:06 GMT cf-cache-status HIT last-modified Mon, 23 May 2022 19:27:32 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 4335 etag "374c-5dfb2d4dd5100" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=efA13cTVbLqC6agSn9WFytvHSyQ9dJL%2FBMrBFG7%2Fta18nWS1CLbLyCHNbipTpLGu%2FPlrlsjxePQTHzaQs3%2FSshEvhgMLY8iDmtVVcCAfloc8IHwAoGqB3HOsJ%2FE%3D"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=14400 accept-ranges bytes cf-ray 7a9289e8c84ce03d-NRT alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 14156
GET H2	200	com_sns_ic03.png jtmu0.com/image/	5 KB 6 KB	52ms 51ms	Image image/png	104.21.61.13 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://jtmu0.com/image/com_sns_ic03.png Requested by Host: jtmu0.com URL: https://jtmu0.com/info.php Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.21.61.13 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `f6e651f94a1f6ade5e4668fe33c3b044328dd8ccbb2939924681a395f09d82a4` Request headers accept-language jp-JP,jp;q=0.9 Referer https://jtmu0.com/info.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers date Fri, 17 Mar 2023 04:37:06 GMT cf-cache-status HIT last-modified Mon, 23 May 2022 19:27:32 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 4335 etag "15e5-5dfb2d4dd5100" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bz4C%2FG3FpKl4bDBYwaukW9Dzkf9oigzzOhVGHJIkYWs7bEuWmF462oaJ1qITK5C6PGSRgNTZE8O6%2BmBOAPpOohNFV0%2FZVOo%2Bt1vn%2B6FGv0a%2FzJc%2FRbNnp4dKEUQ%3D"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=14400 accept-ranges bytes cf-ray 7a9289e8c84de03d-NRT alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 5605
GET H2	200	com_sns_ic04.png jtmu0.com/image/	5 KB 5 KB	45ms 45ms	Image image/png	104.21.61.13 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://jtmu0.com/image/com_sns_ic04.png Requested by Host: jtmu0.com URL: https://jtmu0.com/info.php Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.21.61.13 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `277027dd1b2376d6ed0ebdef036764aa4f74204e85edb19b15944b9ed3909c87` Request headers accept-language jp-JP,jp;q=0.9 Referer https://jtmu0.com/info.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers date Fri, 17 Mar 2023 04:37:06 GMT cf-cache-status HIT last-modified Mon, 23 May 2022 19:27:32 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 4335 etag "13f1-5dfb2d4dd5100" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AfD9RMb%2BaYxHKCGKJN%2BpWi6TCQz8GEfg6AP%2FNGHv93QrmIM8Vpx%2FBgKcHmS5YZZEudW6DxTo8P1Y7lmmpH4s6ttZlFYE15nVRqgQoTj3u1YCBldPEDxTSFrUMvY%3D"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=14400 accept-ranges bytes cf-ray 7a9289e8c84ee03d-NRT alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 5105
GET H2	200	invisible.js Show response jtmu0.com/cdn-cgi/challenge-platform/h/g/scripts/alpha/ Frame AB3A	26 KB 11 KB	28ms 27ms	Script application/javascript	104.21.61.13 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://jtmu0.com/cdn-cgi/challenge-platform/h/g/scripts/alpha/invisible.js?ts=1679025600 Requested by Host: jtmu0.com URL: https://jtmu0.com/info.php Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.21.61.13 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `d2af028443cfb6f20641bd2a9788de13ac102516dc1e17e3ccc1721cc25e9d31` Request headers accept-language jp-JP,jp;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers date Fri, 17 Mar 2023 04:37:06 GMT content-encoding br nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary accept-encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l9yAiFT3h0c4wGQcP%2BiCT0Qpr8di6G%2FcQuBQuN5JZ6QfIrlqJS3nEHxmi7%2F1JUuxboUHx5tsaXfONP5dKnLVqFIu5HQbBb8WqhKB4ydEtgmu7IpceG1Etk%2Ffmjc%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=UTF-8 cache-control max-age=14400, public x-control-type-options nosniff cf-ray 7a9289e90891e03d-NRT alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H2	200	pica.js jtmu0.com/cdn-cgi/challenge-platform/h/g/scripts/ Frame AB3A	7 KB 3 KB	34ms 34ms	Other application/javascript	104.21.61.13 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://jtmu0.com/cdn-cgi/challenge-platform/h/g/scripts/pica.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.21.61.13 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `ab5e9ff452677b132cbe0c646ec936a501212636d2389307638435a9025e0328` Request headers accept-language jp-JP,jp;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers date Fri, 17 Mar 2023 04:37:06 GMT content-encoding br nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary accept-encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Jl8GAVl3iIm4qhmvnBDbZs5AapvicXTMRnnEvXZ9yuSborFDCM8qB2A5rdKQaukqjZWc6814lGpeBqbXygxzKsnphFqF6JQ28GCDNegsW5EIe%2BRK2h46rmBjdNs%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=UTF-8 cache-control max-age=14400, public x-control-type-options nosniff cf-ray 7a9289e95948e03d-NRT alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
POST H2	200	7a9289e79f3fe03d Show response jtmu0.com/cdn-cgi/challenge-platform/h/g/cv/result/ Frame AB3A	2 B 514 B	53ms 53ms	XHR text/plain	104.21.61.13 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://jtmu0.com/cdn-cgi/challenge-platform/h/g/cv/result/7a9289e79f3fe03d Requested by Host: jtmu0.com URL: https://jtmu0.com/cdn-cgi/challenge-platform/h/g/scripts/alpha/invisible.js?ts=1679025600 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.21.61.13 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df` Request headers Referer accept-language jp-JP,jp;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Content-Type application/json Response headers date Fri, 17 Mar 2023 04:37:06 GMT content-encoding br nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7f4O7sORNnZbM8lI7DDtO9InnEGOn2nwwDyhiIBGtS9y9aUqSGGratYnEHqxjq81862VCdSWUSXigpKDz5xjkJayqMReJha0RwSxsnXyvpUGI6gS9%2FBz%2F%2B32hjo%3D"}],"group":"cf-nel","max_age":604800} content-type text/plain; charset=UTF-8 cf-ray 7a9289eaca91e03d-NRT alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Yamato Transport (Transportation)

6 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			jtmu0.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: l2rhlctes4nvupjqm8cjoh875b
			.jtmu0.com/	1970-01-20 10:23:49	Name: __cf_bm Value: gByCPG.T6XIgaY1k0rS_LoJPrA.5oGyWDMmh1SaUj2s-1679027826-0-AcNVXicaoU88ImO8I3G3C1qeQqki/LHhJgsTQd0wS26aULE5FNlvqDSDtSSeu326yL9i1TK+ggTtwwONJDXFO2L8hjqyNk1U1njaD6GNFrgn1MiiksgbqnuuIJfE2oylTg==

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

jtmu0.com
104.21.61.13
0efe90ec10b6a4157a6fa596b16164861e20a2d8cdf2443806a1a71bcd19bc8d
177d44ff4c8947cc6616e70876226ee100e472273ab3e8a65741e53e53137438
2594c084948733af513aa6064e08903964281bc4079e59a6422de3814884b053
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
277027dd1b2376d6ed0ebdef036764aa4f74204e85edb19b15944b9ed3909c87
43178d623716da66afa896e9a43ec859f807494ce22331de996744006949a368
702be8c20ee12eafc6a24f4ad278330b5ed9d500cb3542d019ae890dbd78093b
943ceefa11b26321d787c9f77d0dae3b8b8404dea09b3716f99c08974674eab5
ab5e9ff452677b132cbe0c646ec936a501212636d2389307638435a9025e0328
d2af028443cfb6f20641bd2a9788de13ac102516dc1e17e3ccc1721cc25e9d31
f6e651f94a1f6ade5e4668fe33c3b044328dd8ccbb2939924681a395f09d82a4
fa88ab24a7241ee4cc6923d9969f3d27096a672e6bb87d85b9f33e1a02ca4b10

jtmu0.com Open in urlscan Pro 104.21.61.13 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

12 Requests

100 %HTTPS

0 %IPv6

1 Domains

1 Subdomains

1 IPs

1 Countries

89 kBTransfer

151 kBSize

2 Cookies

1 Outgoing links

Page URL History

Redirected requests

12 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

6 JavaScript Global Variables

2 Cookies

Indicators

jtmu0.com Open in urlscan Pro
104.21.61.13 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

12
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

89 kB
Transfer

151 kB
Size

2
Cookies

12 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!