![](/screenshots/94a53cd0-366a-4bd0-8d96-6e64e5b31e17.png)
www.tr.muff.photobaobao.com
87.121.113.185
Malicious Activity!
Public Scan
Effective URL: https://www.tr.muff.photobaobao.com/login/GLG01010101.php
Submission: On December 17 via manual from JP — Scanned from JP
Summary
TLS certificate: Issued by R3 on December 17th 2023. Valid for: 3 months.
This is the only time www.tr.muff.photobaobao.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: MUFG (Banking)
Domain & IP information
Requests | IP Address | AS Autonomous System
---|---|---
17 | 87.121.113.185 | 34224 (NETERRA-AS)
22 | 203.178.92.17 | 4680 (MIND Mitsubishi Electric Information Network Corporation)
39 | 3 |

- ASN34224 (NETERRA-AS, BG), PTR: europassur.com, serves www.tr.muff.photobaobao.com
- ASN4680 (MIND Mitsubishi Electric Information Network Corporation, JP) serves www.direct.tr.mufg.jp
Requests | Apex Domain | Subdomains | Transfer
---|---|---|---
22 | mufg.jp | www.direct.tr.mufg.jp | 590 KB
17 | photobaobao.com | www.tr.muff.photobaobao.com | 1 MB
39 | 2 | |
Requests | Domain | Requested by
---|---|---
22 | www.direct.tr.mufg.jp | www.tr.muff.photobaobao.com, www.direct.tr.mufg.jp
17 | www.tr.muff.photobaobao.com | www.tr.muff.photobaobao.com
39 | 2 |
This site contains links to these domains. Also see Links.
Domain
---
www.tr.mufg.jp
www.direct.tr.mufg.jp
safe.tr.mufg.jp
apl2.wealthadvisor.jp
portstar.mukam.jp
Subject | Issuer | Validity | Valid | Lookup
---|---|---|---|---
www.tr.muff.photobaobao.com | R3 | 2023-12-17 - 2024-03-16 | 3 months | crt.sh
www.direct.tr.mufg.jp | DigiCert EV RSA CA G2 | 2023-06-29 - 2024-07-29 | a year | crt.sh
This page contains 1 frames:
Primary Page:
https://www.tr.muff.photobaobao.com/login/GLG01010101.php
Frame ID: 0E05F6DA99994D04C8AA1D4C30B4B969
Requests: 40 HTTP requests in this frame
Screenshot (shown at the top of the page)
Page Title
Mitsubishi UFJ Trust and Banking | Mitsubishi UFJ Trust and Banking Internet Banking
Detected technologies
- PHP. Detected patterns: `\.php(?:$|\?)`
- Bootstrap. Detected patterns: `<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css`
- Material Design Lite. Detected patterns: `<link[^>]* href="[^"]*material(?:\.[\w]+-[\w]+)?(?:\.min)?\.css`
- Vue.js. Detected patterns: `(?:/([\d.]+))?/vue(?:\.min)?\.js`
- jQuery. Detected patterns: `jquery[.-]([\d.]*\d)[^/]*\.js` and `jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?`
Page Statistics
20 Outgoing links
These are links going to different origins than the main page.
- Title: Information on the risks of financial products (information provided under Article 37-3 of the Financial Instruments and Exchange Act)
- Title: First-time login: online sign-up
- Title: Apply for service
- Title: Click here
- Title: ● Suspension of purchase applications for the "Nissay/Schroder High-Yield CB Fund 2023-02 (currency hedged, limited additional-purchase type)"
- Title: ● Trading restrictions on funds due to the tense situation in Russia
- (untitled link)
- (untitled link)
- (untitled link)
- (untitled link)
- (untitled link)
- (untitled link)
- (untitled link)
- Title: Terms of use for this site
- Title: Frequently asked questions
- Title: Services and hours of availability
- Title: Fees
- Title: System requirements
- Title: Demo version
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- https://www.tr.muff.photobaobao.com/ Page URL
- https://www.tr.muff.photobaobao.com/login/GLG01010101.php Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
39 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type
---|---|---|---|---|---|---|---
GET | H2 | / | www.tr.muff.photobaobao.com/ | 982 B | 671 B | Document | text/html
GET | H2 | GLG01010101.php (Primary Request) | www.tr.muff.photobaobao.com/login/ | 65 KB | 12 KB | Document | text/html
GET | H/1.1 | bootstrap.min.css | www.direct.tr.mufg.jp/ib/dfw/cst/common/css/bootstrap/ | 103 KB | 103 KB | Stylesheet | text/css
GET | H/1.1 | material.min.css | www.direct.tr.mufg.jp/ib/dfw/cst/common/css/vendor/ | 136 KB | 137 KB | Stylesheet | text/css
GET | H/1.1 | mdl-selectfield.min.css | www.direct.tr.mufg.jp/ib/dfw/cst/common/css/vendor/ | 4 KB | 4 KB | Stylesheet | text/css
GET | H/1.1 | perfect-scrollbar.min.css | www.direct.tr.mufg.jp/ib/dfw/cst/common/css/vendor/ | 5 KB | 5 KB | Stylesheet | text/css
GET | H/1.1 | common.css | www.direct.tr.mufg.jp/ib/dfw/cst/common/css/ | 304 KB | 304 KB | Stylesheet | text/css
GET | H2 | site_id_1@2x.png | www.tr.muff.photobaobao.com/img/pc/ | 32 KB | 32 KB | Image | image/png
GET | H2 | site_id_2@2x.png | www.tr.muff.photobaobao.com/img/pc/ | 3 KB | 3 KB | Image | image/png
GET | H2 | carousel-slide1@2x.png | www.tr.muff.photobaobao.com/img/pc/ | 127 KB | 127 KB | Image | image/png
GET | H2 | carousel-slide4@2x.png | www.tr.muff.photobaobao.com/img/pc/ | 146 KB | 146 KB | Image | image/png
GET | H2 | toshin_setplan.png | www.tr.muff.photobaobao.com/img/pc/ | 96 KB | 97 KB | Image | image/png
GET | H2 | carousel-slide2@2x.png | www.tr.muff.photobaobao.com/img/pc/ | 649 KB | 650 KB | Image | image/png
GET | H2 | carousel-slide3@2x.png | www.tr.muff.photobaobao.com/img/pc/ | 52 KB | 52 KB | Image | image/png
GET | H2 | bnr_lifeplan.png | www.tr.muff.photobaobao.com/img/pc/ | 14 KB | 15 KB | Image | image/png
GET | H2 | bnr_portfolio.png | www.tr.muff.photobaobao.com/img/pc/ | 17 KB | 17 KB | Image | image/png
GET | H2 | bnr_portstar.png | www.tr.muff.photobaobao.com/img/pc/ | 48 KB | 49 KB | Image | image/png
GET | H2 | icon_freedial.png | www.tr.muff.photobaobao.com/img/pc/ | 958 B | 1 KB | Image | image/png
GET | H2 | spacer.gif | www.tr.muff.photobaobao.com/img/pc/ | 43 B | 247 B | Image | image/gif
GET | H2 | vue.js | www.tr.muff.photobaobao.com/js/ | 334 KB | 104 KB | Script | application/javascript
GET | H2 | jquery-3.5.1.js | www.tr.muff.photobaobao.com/js/ | 281 KB | 97 KB | Script | application/javascript
GET | H2 | GLG01010101.js | www.tr.muff.photobaobao.com/js/ | 828 B | 1 KB | Script | application/javascript
GET | H/1.1 | icon_onlinesignup@2x.png | www.direct.tr.mufg.jp/ib/dfw/cst/common/image/icon/ | 855 B | 1 KB | Image | image/png
GET | H/1.1 | icon_blank_white@2x.png | www.direct.tr.mufg.jp/ib/dfw/cst/common/image/icon/ | 116 B | 600 B | Image | image/png
GET | H/1.1 | icon_onlinesignup2@2x.png | www.direct.tr.mufg.jp/ib/dfw/cst/common/image/icon/ | 558 B | 1 KB | Image | image/png
GET | H/1.1 | icon_blank@2x.png | www.direct.tr.mufg.jp/ib/dfw/cst/common/image/icon/ | 116 B | 600 B | Image | image/png
GET | H/1.1 | icon_input_text_0@2x.png | www.direct.tr.mufg.jp/ib/dfw/cst/common/image/form/ | 338 B | 823 B | Image | image/png
GET | H/1.1 | icon_keyboard_input@2x.png | www.direct.tr.mufg.jp/ib/dfw/cst/common/image/form/ | 184 B | 668 B | Image | image/png
GET | DATA | truncated | / | 1 KB | 0 | Image | image/svg+xml
GET | H/1.1 | icon_ptitle7@2x.png | www.direct.tr.mufg.jp/ib/dfw/cst/common/image/icon/ | 1 KB | 1 KB | Image | image/png
GET | H/1.1 | icon_shitsumon@2x.png | www.direct.tr.mufg.jp/ib/dfw/cst/common/image/icon/ | 412 B | 897 B | Image | image/png
GET | H/1.1 | icon_ptitle6@2x.png | www.direct.tr.mufg.jp/ib/dfw/cst/common/image/icon/ | 593 B | 1 KB | Image | image/png
GET | H/1.1 | icon_nav_12_on@2x.png | www.direct.tr.mufg.jp/ib/dfw/cst/common/image/navi/ | 2 KB | 2 KB | Image | image/png
GET | H/1.1 | icon_nav_22@2x.png | www.direct.tr.mufg.jp/ib/dfw/cst/common/image/navi/ | 5 KB | 5 KB | Image | image/png
GET | H/1.1 | icon_blank_gray@2x.png | www.direct.tr.mufg.jp/ib/dfw/cst/common/image/icon/ | 116 B | 600 B | Image | image/png
GET | H/1.1 | icon_nav_16@2x.png | www.direct.tr.mufg.jp/ib/dfw/cst/common/image/navi/ | 6 KB | 6 KB | Image | image/png
GET | H/1.1 | icon_nav_19@2x.png | www.direct.tr.mufg.jp/ib/dfw/cst/common/image/navi/ | 6 KB | 7 KB | Image | image/png
GET | H/1.1 | icon_nav_17@2x.png | www.direct.tr.mufg.jp/ib/dfw/cst/common/image/navi/ | 3 KB | 3 KB | Image | image/png
GET | H/1.1 | icon_nav_18@2x.png | www.direct.tr.mufg.jp/ib/dfw/cst/common/image/navi/ | 4 KB | 4 KB | Image | image/png
GET | H/1.1 | icon_input_text_1@2x.png | www.direct.tr.mufg.jp/ib/dfw/cst/common/image/form/ | 311 B | 796 B | Image | image/png
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan: Phishing against: MUFG (Banking)
4 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
Type | Name
---|---
object | documentPictureInPicture
function | Vue
function | $
function | jQuery
1 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value
---|---|---
www.tr.muff.photobaobao.com/ | | Name: PHPSESSID Value: tb54qp89cs2pq4chrlcg1o7pp5
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page.
Header | Value
---|---
Strict-Transport-Security | max-age=31536000
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
- www.direct.tr.mufg.jp
- www.tr.muff.photobaobao.com
- 203.178.92.17
- 87.121.113.185