mufgbsaekcxjp.com Open in urlscan Pro
61.111.129.232 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://mufgbsaekcxjp.com/
Effective URL:
https://mufgbsaekcxjp.com/
Submission: On December 15 via manual (December 15th 2020, 9:29:43 pm UTC) from JP

Summary HTTP 22 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 2 IPs in 2 countries across 2 domains to perform 22 HTTP transactions. The main IP is 61.111.129.232, located in Korea, Republic Of and belongs to HYUNDAI-KR Shinbiro, KR. The main domain is mufgbsaekcxjp.com.
TLS certificate: Issued by R3 on December 15th 2020. Valid for: 3 months.

This is the only time mufgbsaekcxjp.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: AEON Group (Financial)

Domain & IP information

	IP Address	AS Autonomous System
1 22	61.111.129.232 61.111.129.232	4670 (HYUNDAI-K...) (HYUNDAI-KR Shinbiro)
1	183.131.207.66 183.131.207.66	136190 (CHINATELE...) (CHINATELECOM-ZHEJIANG-JINHUA-IDC JINHUA)
22	2

22 61.111.129.232 (Korea, Republic Of) 1 redirects

ASN4670 (HYUNDAI-KR Shinbiro, KR)

mufgbsaekcxjp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 183.131.207.66 (China)

ASN136190 (CHINATELECOM-ZHEJIANG-JINHUA-IDC JINHUA, ZHEJIANG Province, P.R.China., CN)

ia.51.la	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
22	mufgbsaekcxjp.com 1 redirects mufgbsaekcxjp.com	279 KB
1	51.la ia.51.la	255 B
22	2

	Domain	Requested by
22	mufgbsaekcxjp.com	1 redirects mufgbsaekcxjp.com
1	ia.51.la	mufgbsaekcxjp.com
22	2

This site contains links to these domains. Also see Links.

Domain
aeonav.com

Subject Issuer	Validity	Valid
mufgbsaekcxjp.com R3	`2020-12-15` - `2021-03-15`	3 months	crt.sh
*.51.la GlobalSign GCC R3 DV TLS CA 2020	`2020-08-27` - `2022-05-16`	2 years	crt.sh

This page contains 1 frames:

Primary Page: https://mufgbsaekcxjp.com/
Frame ID: B3DBE53EE545DEB37BA76DA5C9E76E92
Requests: 22 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://mufgbsaekcxjp.com/ HTTP 301
https://mufgbsaekcxjp.com/ Page URL

Detected technologies

Windows Server (Operating Systems) Expand

Overall confidence: 100%
Detected patterns

headers server /^(?:Microsoft-)?IIS(?:\/([\d.]+))?/i

IIS (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /^(?:Microsoft-)?IIS(?:\/([\d.]+))?/i

Page Statistics

22
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

2
IPs

2
Countries

279 kB
Transfer

580 kB
Size

0
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://aeonav.com/#MsgBalloon1
Title: 契約者IDがわからないお客さま

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://mufgbsaekcxjp.com/ HTTP 301
https://mufgbsaekcxjp.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

22 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request Cookie set / Show response mufgbsaekcxjp.com/ Redirect Chain http://mufgbsaekcxjp.com/ https://mufgbsaekcxjp.com/	12 KB 4 KB	1182ms 555ms	Document text/html	61.111.129.232 HYUNDAI-KR Shinbiro
General Check archive.org Show headers Download Go to Full URL https://mufgbsaekcxjp.com/ Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 61.111.129.232 , Korea, Republic Of, ASN4670 (HYUNDAI-KR Shinbiro, KR), Reverse DNS Software Microsoft-IIS/7.5 / ASP.NET Resource Hash `9cb4088bc242b60f5a3027b30956f565208442ada9563d0ad51afc85e474539b` Request headers Host mufgbsaekcxjp.com Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9 Sec-Fetch-Site none Sec-Fetch-Mode navigate Sec-Fetch-User ?1 Sec-Fetch-Dest document Accept-Encoding gzip, deflate, br Accept-Language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Cache-Control private Content-Type text/html Content-Encoding gzip Vary Accept-Encoding Server Microsoft-IIS/7.5 Set-Cookie ASPSESSIONIDSSCSAQRT=JMEFCIHAJBFIICGFEJFAMMFM; path=/ X-Powered-By ASP.NET Date Tue, 15 Dec 2020 21:29:31 GMT X-Cache MISS from KOGIA-A Content-Length 4219 Redirect headers Server plus Date Tue, 15 Dec 2020 21:29:23 GMT Location https://mufgbsaekcxjp.com/ Content-Length 0
GET H/1.1	200 OK	jquery-3.3.1.min.js Show response mufgbsaekcxjp.com/aeon/	85 KB 38 KB	1139ms 553ms	Script application/x-javascript	61.111.129.232 HYUNDAI-KR Shinbiro
General Check archive.org Show headers Download Go to Full URL https://mufgbsaekcxjp.com/aeon/jquery-3.3.1.min.js Requested by Host: mufgbsaekcxjp.com URL: https://mufgbsaekcxjp.com/ Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 61.111.129.232 , Korea, Republic Of, ASN4670 (HYUNDAI-KR Shinbiro, KR), Reverse DNS Software Microsoft-IIS/7.5 / ASP.NET Resource Hash `160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef` Request headers Referer https://mufgbsaekcxjp.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Tue, 15 Dec 2020 18:47:14 GMT Content-Encoding gzip Last-Modified Tue, 15 Dec 2020 12:01:31 GMT Server Microsoft-IIS/7.5 X-Powered-By ASP.NET ETag "d5f5c96dad2d61:0" Vary Accept-Encoding X-Cache HIT from KOGIA-A Content-Type application/x-javascript Accept-Ranges bytes Content-Length 38892
GET H/1.1	200 OK	sp_cust_com.css mufgbsaekcxjp.com/aeon/	315 KB 66 KB	558ms 556ms	Stylesheet text/css	61.111.129.232 HYUNDAI-KR Shinbiro
General Check archive.org Show headers Download Go to Full URL https://mufgbsaekcxjp.com/aeon/sp_cust_com.css Requested by Host: mufgbsaekcxjp.com URL: https://mufgbsaekcxjp.com/ Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 61.111.129.232 , Korea, Republic Of, ASN4670 (HYUNDAI-KR Shinbiro, KR), Reverse DNS Software Microsoft-IIS/7.5 / ASP.NET Resource Hash `990bfc5d561571ebf37829cf90a974eba22907f5a7bc7ee07ac6eabbb1e25ff6` Request headers Referer https://mufgbsaekcxjp.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Tue, 15 Dec 2020 18:47:14 GMT Content-Encoding gzip Last-Modified Tue, 15 Dec 2020 12:01:31 GMT Server Microsoft-IIS/7.5 X-Powered-By ASP.NET ETag "a28cc6dad2d61:0" Vary Accept-Encoding X-Cache HIT from KOGIA-A Content-Type text/css Accept-Ranges bytes Content-Length 66823
GET H/1.1	200 OK	set_default_middle.css mufgbsaekcxjp.com/aeon/	120 B 522 B	1141ms 556ms	Stylesheet text/css	61.111.129.232 HYUNDAI-KR Shinbiro
General Check archive.org Show headers Download Go to Full URL https://mufgbsaekcxjp.com/aeon/set_default_middle.css Requested by Host: mufgbsaekcxjp.com URL: https://mufgbsaekcxjp.com/ Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 61.111.129.232 , Korea, Republic Of, ASN4670 (HYUNDAI-KR Shinbiro, KR), Reverse DNS Software Microsoft-IIS/7.5 / ASP.NET Resource Hash `2cedf48e6dc5b0323a3ca39759e1f232e37eca2f1dcb822154810e2445b5f1ae` Request headers Referer https://mufgbsaekcxjp.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Tue, 15 Dec 2020 18:47:15 GMT Content-Encoding gzip Last-Modified Tue, 15 Dec 2020 12:01:31 GMT Server Microsoft-IIS/7.5 X-Powered-By ASP.NET ETag "ef1cc6dad2d61:0" Vary Accept-Encoding X-Cache HIT from KOGIA-A Content-Type text/css Accept-Ranges bytes Content-Length 204
GET H/1.1	200 OK	jquery_002.js Show response mufgbsaekcxjp.com/aeon/	2 KB 1 KB	1142ms 555ms	Script application/x-javascript	61.111.129.232 HYUNDAI-KR Shinbiro
General Check archive.org Show headers Download Go to Full URL https://mufgbsaekcxjp.com/aeon/jquery_002.js Requested by Host: mufgbsaekcxjp.com URL: https://mufgbsaekcxjp.com/ Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 61.111.129.232 , Korea, Republic Of, ASN4670 (HYUNDAI-KR Shinbiro, KR), Reverse DNS Software Microsoft-IIS/7.5 / ASP.NET Resource Hash `e3a285d58bcf7c3fdfad5e314ae600f761e2cf96ed9e805e1ef0cefede7bf643` Request headers Referer https://mufgbsaekcxjp.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Tue, 15 Dec 2020 18:47:15 GMT Content-Encoding gzip Last-Modified Tue, 15 Dec 2020 12:01:31 GMT Server Microsoft-IIS/7.5 X-Powered-By ASP.NET ETag "4a4dcd6dad2d61:0" Vary Accept-Encoding X-Cache HIT from KOGIA-A Content-Type application/x-javascript Accept-Ranges bytes Content-Length 736
GET H/1.1	200 OK	Aeon_func_balloon.js Show response mufgbsaekcxjp.com/aeon/	458 B 700 B	1144ms 556ms	Script application/x-javascript	61.111.129.232 HYUNDAI-KR Shinbiro
General Check archive.org Show headers Download Go to Full URL https://mufgbsaekcxjp.com/aeon/Aeon_func_balloon.js Requested by Host: mufgbsaekcxjp.com URL: https://mufgbsaekcxjp.com/ Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 61.111.129.232 , Korea, Republic Of, ASN4670 (HYUNDAI-KR Shinbiro, KR), Reverse DNS Software Microsoft-IIS/7.5 / ASP.NET Resource Hash `c22aab6517751e0d74fd66bf7f1e931c661f2fc76770805ef49512182bb9aecc` Request headers Referer https://mufgbsaekcxjp.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Tue, 15 Dec 2020 18:47:15 GMT Content-Encoding gzip Last-Modified Tue, 15 Dec 2020 12:01:31 GMT Server Microsoft-IIS/7.5 X-Powered-By ASP.NET ETag "9af5ce6dad2d61:0" Vary Accept-Encoding X-Cache HIT from KOGIA-A Content-Type application/x-javascript Accept-Ranges bytes Content-Length 365
GET H/1.1	200 OK	f.txt Show response mufgbsaekcxjp.com/aeon/	5 KB 3 KB	1139ms 550ms	Script text/plain	61.111.129.232 HYUNDAI-KR Shinbiro
General Check archive.org Show headers Download Go to Full URL https://mufgbsaekcxjp.com/aeon/f.txt Requested by Host: mufgbsaekcxjp.com URL: https://mufgbsaekcxjp.com/ Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 61.111.129.232 , Korea, Republic Of, ASN4670 (HYUNDAI-KR Shinbiro, KR), Reverse DNS Software Microsoft-IIS/7.5 / ASP.NET Resource Hash `b5adf2320e7d6552234ce1619b6ebe9933928c16a88bbb0d4549cfd72d8de4f5` Request headers Referer https://mufgbsaekcxjp.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Tue, 15 Dec 2020 18:47:15 GMT Content-Encoding gzip Last-Modified Tue, 15 Dec 2020 12:01:34 GMT Server Microsoft-IIS/7.5 X-Powered-By ASP.NET ETag "aa65e48dad2d61:0" Vary Accept-Encoding X-Cache HIT from KOGIA-A Content-Type text/plain Accept-Ranges bytes Content-Length 2824
GET H/1.1	200 OK	sp_header_logo.png mufgbsaekcxjp.com/aeon/	21 KB 22 KB	579ms 579ms	Image image/png	61.111.129.232 HYUNDAI-KR Shinbiro
General Check archive.org Show headers Download Go to Show image Full URL https://mufgbsaekcxjp.com/aeon/sp_header_logo.png Requested by Host: mufgbsaekcxjp.com URL: https://mufgbsaekcxjp.com/ Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 61.111.129.232 , Korea, Republic Of, ASN4670 (HYUNDAI-KR Shinbiro, KR), Reverse DNS Software Microsoft-IIS/7.5 / ASP.NET Resource Hash `570d472fecbb15bdae66ae21e7fe7b4954886e6fb9b1e054058329fca53399c5` Request headers Referer https://mufgbsaekcxjp.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Tue, 15 Dec 2020 18:47:15 GMT Last-Modified Tue, 15 Dec 2020 12:01:34 GMT Server Microsoft-IIS/7.5 X-Powered-By ASP.NET ETag "977e58dad2d61:0" X-Cache HIT from KOGIA-A Content-Type image/png Accept-Ranges bytes Content-Length 21745
GET H/1.1	200 OK	sp_header_evssl_button_01.png mufgbsaekcxjp.com/aeon/	3 KB 4 KB	581ms 580ms	Image image/png	61.111.129.232 HYUNDAI-KR Shinbiro
General Check archive.org Show headers Download Go to Show image Full URL https://mufgbsaekcxjp.com/aeon/sp_header_evssl_button_01.png Requested by Host: mufgbsaekcxjp.com URL: https://mufgbsaekcxjp.com/ Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 61.111.129.232 , Korea, Republic Of, ASN4670 (HYUNDAI-KR Shinbiro, KR), Reverse DNS Software Microsoft-IIS/7.5 / ASP.NET Resource Hash `76d3a033fdc686813d4b4c29b3463fa2f34dfc7525c826ae61dc28e71c295396` Request headers Referer https://mufgbsaekcxjp.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Tue, 15 Dec 2020 18:47:15 GMT Last-Modified Tue, 15 Dec 2020 12:01:34 GMT Server Microsoft-IIS/7.5 X-Powered-By ASP.NET ETag "c4eee58dad2d61:0" X-Cache HIT from KOGIA-A Content-Type image/png Accept-Ranges bytes Content-Length 3313
GET H/1.1	200 OK	sp_header_evssl_button_02.png mufgbsaekcxjp.com/aeon/	3 KB 3 KB	581ms 579ms	Image image/png	61.111.129.232 HYUNDAI-KR Shinbiro
General Check archive.org Show headers Download Go to Show image Full URL https://mufgbsaekcxjp.com/aeon/sp_header_evssl_button_02.png Requested by Host: mufgbsaekcxjp.com URL: https://mufgbsaekcxjp.com/ Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 61.111.129.232 , Korea, Republic Of, ASN4670 (HYUNDAI-KR Shinbiro, KR), Reverse DNS Software Microsoft-IIS/7.5 / ASP.NET Resource Hash `1bde13dbd49b07897aa39caf068af86a58a83cef910357260a9c46a613f61cb5` Request headers Referer https://mufgbsaekcxjp.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Tue, 15 Dec 2020 18:47:15 GMT Last-Modified Tue, 15 Dec 2020 12:01:34 GMT Server Microsoft-IIS/7.5 X-Powered-By ASP.NET ETag "6a60e68dad2d61:0" X-Cache HIT from KOGIA-A Content-Type image/png Accept-Ranges bytes Content-Length 3290
GET H/1.1	200 OK	login_08.png mufgbsaekcxjp.com/aeon/	62 KB 62 KB	583ms 580ms	Image image/png	61.111.129.232 HYUNDAI-KR Shinbiro
General Check archive.org Show headers Download Go to Show image Full URL https://mufgbsaekcxjp.com/aeon/login_08.png Requested by Host: mufgbsaekcxjp.com URL: https://mufgbsaekcxjp.com/ Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 61.111.129.232 , Korea, Republic Of, ASN4670 (HYUNDAI-KR Shinbiro, KR), Reverse DNS Software Microsoft-IIS/7.5 / ASP.NET Resource Hash `39b7c033f3c7824bd3843ae4f49fa364a294f38d0d243fab6dc48e81bda27de9` Request headers Referer https://mufgbsaekcxjp.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Tue, 15 Dec 2020 18:47:16 GMT Last-Modified Tue, 15 Dec 2020 12:01:34 GMT Server Microsoft-IIS/7.5 X-Powered-By ASP.NET ETag "dbd4e68dad2d61:0" X-Cache HIT from KOGIA-A Content-Type image/png Accept-Ranges bytes Content-Length 63529
GET H/1.1	200 OK	sp_lightbox_close.png mufgbsaekcxjp.com/aeon/	2 KB 2 KB	580ms 577ms	Image image/png	61.111.129.232 HYUNDAI-KR Shinbiro
General Check archive.org Show headers Download Go to Show image Full URL https://mufgbsaekcxjp.com/aeon/sp_lightbox_close.png Requested by Host: mufgbsaekcxjp.com URL: https://mufgbsaekcxjp.com/ Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 61.111.129.232 , Korea, Republic Of, ASN4670 (HYUNDAI-KR Shinbiro, KR), Reverse DNS Software Microsoft-IIS/7.5 / ASP.NET Resource Hash `659aea96fc8677e767048ada81312f8f741d6340cd1e9e3040a4a6f32434a072` Request headers Referer https://mufgbsaekcxjp.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Tue, 15 Dec 2020 18:47:16 GMT Last-Modified Tue, 15 Dec 2020 12:01:34 GMT Server Microsoft-IIS/7.5 X-Powered-By ASP.NET ETag "f4be78dad2d61:0" X-Cache HIT from KOGIA-A Content-Type image/png Accept-Ranges bytes Content-Length 1912
GET H/1.1	200 OK	KBC11SN000B_button_01.png mufgbsaekcxjp.com/aeon/	7 KB 7 KB	584ms 582ms	Image image/png	61.111.129.232 HYUNDAI-KR Shinbiro
General Check archive.org Show headers Download Go to Show image Full URL https://mufgbsaekcxjp.com/aeon/KBC11SN000B_button_01.png Requested by Host: mufgbsaekcxjp.com URL: https://mufgbsaekcxjp.com/ Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 61.111.129.232 , Korea, Republic Of, ASN4670 (HYUNDAI-KR Shinbiro, KR), Reverse DNS Software Microsoft-IIS/7.5 / ASP.NET Resource Hash `61eba57ca136a25fd0e1591c9a9d271a6fd4cc368ad1f5b99709d983acaee5f6` Request headers Referer https://mufgbsaekcxjp.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Tue, 15 Dec 2020 18:47:15 GMT Last-Modified Tue, 15 Dec 2020 12:01:34 GMT Server Microsoft-IIS/7.5 X-Powered-By ASP.NET ETag "8a9be78dad2d61:0" X-Cache HIT from KOGIA-A Content-Type image/png Accept-Ranges bytes Content-Length 7149
GET H/1.1	200 OK	loading.gif mufgbsaekcxjp.com/aeon/	4 KB 4 KB	582ms 582ms	Image image/gif	61.111.129.232 HYUNDAI-KR Shinbiro
General Check archive.org Show headers Download Go to Show image Full URL https://mufgbsaekcxjp.com/aeon/loading.gif Requested by Host: mufgbsaekcxjp.com URL: https://mufgbsaekcxjp.com/ Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 61.111.129.232 , Korea, Republic Of, ASN4670 (HYUNDAI-KR Shinbiro, KR), Reverse DNS Software Microsoft-IIS/7.5 / ASP.NET Resource Hash `3c5cacbdad8f88e2639de87f92ffc832e6e60a2d77631f55350fd5f109237ced` Request headers Referer https://mufgbsaekcxjp.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Tue, 15 Dec 2020 18:47:17 GMT Last-Modified Tue, 15 Dec 2020 12:01:34 GMT Server Microsoft-IIS/7.5 X-Powered-By ASP.NET ETag "54ee88dad2d61:0" X-Cache HIT from KOGIA-A Content-Type image/gif Accept-Ranges bytes Content-Length 3897
GET H/1.1	200 OK	sp_footer_question.png mufgbsaekcxjp.com/aeon/	23 KB 24 KB	1020ms 579ms	Image image/png	61.111.129.232 HYUNDAI-KR Shinbiro
General Check archive.org Show headers Download Go to Show image Full URL https://mufgbsaekcxjp.com/aeon/sp_footer_question.png Requested by Host: mufgbsaekcxjp.com URL: https://mufgbsaekcxjp.com/ Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 61.111.129.232 , Korea, Republic Of, ASN4670 (HYUNDAI-KR Shinbiro, KR), Reverse DNS Software Microsoft-IIS/7.5 / ASP.NET Resource Hash `93873e2cdfb73a696a3003778eebcd13048516ba14eb5b4c41f7c7bac6591b50` Request headers Referer https://mufgbsaekcxjp.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Tue, 15 Dec 2020 18:47:16 GMT Last-Modified Tue, 15 Dec 2020 12:01:34 GMT Server Microsoft-IIS/7.5 X-Powered-By ASP.NET ETag "c982e88dad2d61:0" X-Cache HIT from KOGIA-A Content-Type image/png Accept-Ranges bytes Content-Length 23859
GET H/1.1	200 OK	sp_footer_help.png mufgbsaekcxjp.com/aeon/	3 KB 4 KB	1064ms 581ms	Image image/png	61.111.129.232 HYUNDAI-KR Shinbiro
General Check archive.org Show headers Download Go to Show image Full URL https://mufgbsaekcxjp.com/aeon/sp_footer_help.png Requested by Host: mufgbsaekcxjp.com URL: https://mufgbsaekcxjp.com/ Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 61.111.129.232 , Korea, Republic Of, ASN4670 (HYUNDAI-KR Shinbiro, KR), Reverse DNS Software Microsoft-IIS/7.5 / ASP.NET Resource Hash `86d26d0c7f29f069f9a487702c56b521ffcf996e80b300dfac00b75f8e761e10` Request headers Referer https://mufgbsaekcxjp.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Tue, 15 Dec 2020 18:47:16 GMT Last-Modified Tue, 15 Dec 2020 12:01:34 GMT Server Microsoft-IIS/7.5 X-Powered-By ASP.NET ETag "274de98dad2d61:0" X-Cache HIT from KOGIA-A Content-Type image/png Accept-Ranges bytes Content-Length 3482
GET H/1.1	200 OK	sp_pageup.png mufgbsaekcxjp.com/aeon/	22 KB 22 KB	1058ms 582ms	Image image/png	61.111.129.232 HYUNDAI-KR Shinbiro
General Check archive.org Show headers Download Go to Show image Full URL https://mufgbsaekcxjp.com/aeon/sp_pageup.png Requested by Host: mufgbsaekcxjp.com URL: https://mufgbsaekcxjp.com/ Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 61.111.129.232 , Korea, Republic Of, ASN4670 (HYUNDAI-KR Shinbiro, KR), Reverse DNS Software Microsoft-IIS/7.5 / ASP.NET Resource Hash `5206b69d8f49906f2b442970dfc5cf69e1cbca056d3941e642b8b203faef5487` Request headers Referer https://mufgbsaekcxjp.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Tue, 15 Dec 2020 18:47:16 GMT Last-Modified Tue, 15 Dec 2020 12:01:34 GMT Server Microsoft-IIS/7.5 X-Powered-By ASP.NET ETag "ff96e98dad2d61:0" X-Cache HIT from KOGIA-A Content-Type image/png Accept-Ranges bytes Content-Length 22718
GET H/1.1	200 OK	sp_copyright.png mufgbsaekcxjp.com/aeon/	3 KB 3 KB	1027ms 575ms	Image image/png	61.111.129.232 HYUNDAI-KR Shinbiro
General Check archive.org Show headers Download Go to Show image Full URL https://mufgbsaekcxjp.com/aeon/sp_copyright.png Requested by Host: mufgbsaekcxjp.com URL: https://mufgbsaekcxjp.com/ Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 61.111.129.232 , Korea, Republic Of, ASN4670 (HYUNDAI-KR Shinbiro, KR), Reverse DNS Software Microsoft-IIS/7.5 / ASP.NET Resource Hash `dbbe5c4bd8ff3b67ac7c77832a9ad4d12184baf06bf87d5016177dc7e034fce6` Request headers Referer https://mufgbsaekcxjp.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Tue, 15 Dec 2020 18:47:16 GMT Last-Modified Tue, 15 Dec 2020 12:01:34 GMT Server Microsoft-IIS/7.5 X-Powered-By ASP.NET ETag "94bde98dad2d61:0" X-Cache HIT from KOGIA-A Content-Type image/png Accept-Ranges bytes Content-Length 2695
GET H/1.1	200 OK	sp_footer_logo.png mufgbsaekcxjp.com/aeon/	2 KB 2 KB	1054ms 579ms	Image image/png	61.111.129.232 HYUNDAI-KR Shinbiro
General Check archive.org Show headers Download Go to Show image Full URL https://mufgbsaekcxjp.com/aeon/sp_footer_logo.png Requested by Host: mufgbsaekcxjp.com URL: https://mufgbsaekcxjp.com/ Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 61.111.129.232 , Korea, Republic Of, ASN4670 (HYUNDAI-KR Shinbiro, KR), Reverse DNS Software Microsoft-IIS/7.5 / ASP.NET Resource Hash `de41e50ab769656b164fe85b74f52cc480eaa9ce83eec7d7ba2c9e44932e2dd7` Request headers Referer https://mufgbsaekcxjp.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Tue, 15 Dec 2020 18:47:17 GMT Last-Modified Tue, 15 Dec 2020 12:01:34 GMT Server Microsoft-IIS/7.5 X-Powered-By ASP.NET ETag "76bea8dad2d61:0" X-Cache HIT from KOGIA-A Content-Type image/png Accept-Ranges bytes Content-Length 1824
GET H/1.1	200 OK	getseal.gif mufgbsaekcxjp.com/aeon/	5 KB 5 KB	1575ms 597ms	Image image/gif	61.111.129.232 HYUNDAI-KR Shinbiro
General Check archive.org Show headers Download Go to Show image Full URL https://mufgbsaekcxjp.com/aeon/getseal.gif Requested by Host: mufgbsaekcxjp.com URL: https://mufgbsaekcxjp.com/ Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 61.111.129.232 , Korea, Republic Of, ASN4670 (HYUNDAI-KR Shinbiro, KR), Reverse DNS Software Microsoft-IIS/7.5 / ASP.NET Resource Hash `47cd116630a712bb949546b6665d3d5723a9d88abce6ff6cdda8c6e11ef55159` Request headers Referer https://mufgbsaekcxjp.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Tue, 15 Dec 2020 18:47:17 GMT Last-Modified Tue, 15 Dec 2020 12:01:34 GMT Server Microsoft-IIS/7.5 X-Powered-By ASP.NET ETag "6659ea8dad2d61:0" X-Cache HIT from KOGIA-A Content-Type image/gif Accept-Ranges bytes Content-Length 5161
GET H/1.1	200	go1 ia.51.la/	0 255 B	966ms 345ms	Image application/octet-stream	183.131.207.66 CHINATELECOM-ZHEJ...
General Check archive.org Show headers Download Go to Show image Full URL https://ia.51.la/go1?id=21009367&rt=1608067766145&rl=16001200&lang=en-US&ct=unknow&pf=1&ins=1&vd=1&ce=1&cd=24&ds=&ing=1&ekc=&sid=1608067766145&tt=%25E3%2583%25AD%25E3%2582%25B0%25E3%2582%25A4%25E3%2583%25B3%25EF%25BD%259C%25E3%2582%25A4%25E3%2582%25AA%25E3%2583%25B3%25E9%258A%2580%25E8%25A1%258C%25E3%2583%2580%25E3%2582%25A4%25E3%2583%25AC%25E3%2582%25AF%25E3%2583%2588&kw=&cu=https%253A%252F%252Fmufgbsaekcxjp.com%252F&pu= Requested by* Host: mufgbsaekcxjp.com URL: https://mufgbsaekcxjp.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305 Server 183.131.207.66 , China, ASN136190 (CHINATELECOM-ZHEJIANG-JINHUA-IDC JINHUA, ZHEJIANG Province, P.R.China., CN), Reverse DNS Software CloudWAF / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers Referer https://mufgbsaekcxjp.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Tue, 15 Dec 2020 21:29:27 GMT Server CloudWAF Connection keep-alive Content-Length 0 Content-Type application/octet-stream
GET H/1.1	404 Not Found	KBA2_link_icon.png mufgbsaekcxjp.com/aeon/	1 KB 1 KB	578ms 577ms	Image text/html	61.111.129.232 HYUNDAI-KR Shinbiro
General Check archive.org Show headers Download Go to Show image Full URL https://mufgbsaekcxjp.com/aeon/KBA2_link_icon.png Requested by Host: mufgbsaekcxjp.com URL: https://mufgbsaekcxjp.com/aeon/sp_cust_com.css Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 61.111.129.232 , Korea, Republic Of, ASN4670 (HYUNDAI-KR Shinbiro, KR), Reverse DNS Software Microsoft-IIS/7.5 / ASP.NET Resource Hash `58d64bad8f43a6c332a2e1639a566bd482c812b3f892d4aba9ae15be8d06eb8f` Request headers Referer https://mufgbsaekcxjp.com/aeon/sp_cust_com.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Tue, 15 Dec 2020 21:29:34 GMT Content-Encoding br Server Microsoft-IIS/7.5 X-Powered-By ASP.NET Transfer-Encoding chunked X-Cache MISS from KOGIA-A Content-Type text/html

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: AEON Group (Financial)

17 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ia.51.la
mufgbsaekcxjp.com
183.131.207.66
61.111.129.232
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
1bde13dbd49b07897aa39caf068af86a58a83cef910357260a9c46a613f61cb5
2cedf48e6dc5b0323a3ca39759e1f232e37eca2f1dcb822154810e2445b5f1ae
39b7c033f3c7824bd3843ae4f49fa364a294f38d0d243fab6dc48e81bda27de9
3c5cacbdad8f88e2639de87f92ffc832e6e60a2d77631f55350fd5f109237ced
47cd116630a712bb949546b6665d3d5723a9d88abce6ff6cdda8c6e11ef55159
5206b69d8f49906f2b442970dfc5cf69e1cbca056d3941e642b8b203faef5487
570d472fecbb15bdae66ae21e7fe7b4954886e6fb9b1e054058329fca53399c5
58d64bad8f43a6c332a2e1639a566bd482c812b3f892d4aba9ae15be8d06eb8f
61eba57ca136a25fd0e1591c9a9d271a6fd4cc368ad1f5b99709d983acaee5f6
659aea96fc8677e767048ada81312f8f741d6340cd1e9e3040a4a6f32434a072
76d3a033fdc686813d4b4c29b3463fa2f34dfc7525c826ae61dc28e71c295396
86d26d0c7f29f069f9a487702c56b521ffcf996e80b300dfac00b75f8e761e10
93873e2cdfb73a696a3003778eebcd13048516ba14eb5b4c41f7c7bac6591b50
990bfc5d561571ebf37829cf90a974eba22907f5a7bc7ee07ac6eabbb1e25ff6
9cb4088bc242b60f5a3027b30956f565208442ada9563d0ad51afc85e474539b
b5adf2320e7d6552234ce1619b6ebe9933928c16a88bbb0d4549cfd72d8de4f5
c22aab6517751e0d74fd66bf7f1e931c661f2fc76770805ef49512182bb9aecc
dbbe5c4bd8ff3b67ac7c77832a9ad4d12184baf06bf87d5016177dc7e034fce6
de41e50ab769656b164fe85b74f52cc480eaa9ce83eec7d7ba2c9e44932e2dd7
e3a285d58bcf7c3fdfad5e314ae600f761e2cf96ed9e805e1ef0cefede7bf643
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

mufgbsaekcxjp.com Open in urlscan Pro 61.111.129.232 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

22 Requests

100 %HTTPS

0 %IPv6

2 Domains

2 Subdomains

2 IPs

2 Countries

279 kBTransfer

580 kBSize

0 Cookies

1 Outgoing links

Page URL History

Redirected requests

22 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

17 JavaScript Global Variables

0 Cookies

Indicators

mufgbsaekcxjp.com Open in urlscan Pro
61.111.129.232 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

22
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

2
IPs

2
Countries

279 kB
Transfer

580 kB
Size

0
Cookies

22 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!