singin.cr.rnufg.jp.xzoyvzl3b.cn Open in urlscan Pro
204.44.68.164  Malicious Activity! Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

5 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
10 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request index Show response singin.cr.rnufg.jp.xzoyvzl3b.cn/newsplus/cardBrand0013/lid/news_ja/	564 B 462 B	1851ms 238ms	Document text/html	204.44.68.164 ASN-QUADRANET-GLOBAL
General Check archive.org Show headers Download Go to Full URL https://singin.cr.rnufg.jp.xzoyvzl3b.cn/newsplus/cardBrand0013/lid/news_ja/index?mode=sp Protocol H2 Security TLS 1.3, , AES_256_GCM Server 204.44.68.164 Los Angeles, United States, ASN8100 (ASN-QUADRANET-GLOBAL, US), Reverse DNS 204.44.68.164.static.quadranet.com Software Apache / Resource Hash d98ae7399e0928efa6cdf55572104362747c3a71a84ef62a594999a7241c2359 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36 accept-language jp-JP,jp;q=0.9 Response headers accept-ranges bytes content-encoding gzip content-length 324 content-type text/html date Wed, 25 May 2022 03:08:12 GMT etag "234-5dfcb68d99b80-gzip" last-modified Wed, 25 May 2022 00:46:54 GMT server Apache vary Accept-Encoding
GET H2	200	app.0.65508701022767221653410800215.css singin.cr.rnufg.jp.xzoyvzl3b.cn/static/css/	2 MB 378 KB	720ms 719ms	Stylesheet text/css	204.44.68.164 ASN-QUADRANET-GLOBAL
General Check archive.org Show headers Download Go to Full URL https://singin.cr.rnufg.jp.xzoyvzl3b.cn/static/css/app.0.65508701022767221653410800215.css Requested by Host: singin.cr.rnufg.jp.xzoyvzl3b.cn URL: https://singin.cr.rnufg.jp.xzoyvzl3b.cn/newsplus/cardBrand0013/lid/news_ja/index?mode=sp Protocol H2 Security TLS 1.3, , AES_256_GCM Server 204.44.68.164 Los Angeles, United States, ASN8100 (ASN-QUADRANET-GLOBAL, US), Reverse DNS 204.44.68.164.static.quadranet.com Software Apache / Resource Hash 71762a828a162bf8f9dbd227b9522161b4c083f9d2bd193c1013104440d80661 Request headers accept-language jp-JP,jp;q=0.9 Referer https://singin.cr.rnufg.jp.xzoyvzl3b.cn/newsplus/cardBrand0013/lid/news_ja/index?mode=sp User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36 Response headers date Wed, 25 May 2022 03:08:12 GMT content-encoding gzip last-modified Wed, 25 May 2022 00:46:54 GMT server Apache etag "1c96f3-5dfcb68d99b80-gzip" vary Accept-Encoding content-type text/css accept-ranges bytes
GET H2	200	1653410800215.0.098329443184525631653410800215.js Show response singin.cr.rnufg.jp.xzoyvzl3b.cn/static/js/	238 KB 84 KB	249ms 248ms	Script application/javascript	204.44.68.164 ASN-QUADRANET-GLOBAL
General Check archive.org Show headers Download Go to Full URL https://singin.cr.rnufg.jp.xzoyvzl3b.cn/static/js/1653410800215.0.098329443184525631653410800215.js Requested by Host: singin.cr.rnufg.jp.xzoyvzl3b.cn URL: https://singin.cr.rnufg.jp.xzoyvzl3b.cn/newsplus/cardBrand0013/lid/news_ja/index?mode=sp Protocol H2 Security TLS 1.3, , AES_256_GCM Server 204.44.68.164 Los Angeles, United States, ASN8100 (ASN-QUADRANET-GLOBAL, US), Reverse DNS 204.44.68.164.static.quadranet.com Software Apache / Resource Hash 38eba71c37e843e74fff964854c4238f80d0fb9298420d2a6d8bad7dbcd34f72 Request headers accept-language jp-JP,jp;q=0.9 Referer https://singin.cr.rnufg.jp.xzoyvzl3b.cn/newsplus/cardBrand0013/lid/news_ja/index?mode=sp User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36 Response headers date Wed, 25 May 2022 03:08:12 GMT content-encoding gzip last-modified Wed, 25 May 2022 00:46:54 GMT server Apache etag "3b8f2-5dfcb68d99b80-gzip" vary Accept-Encoding content-type application/javascript accept-ranges bytes
GET H2	200	app.0.098329443184525631653410800215.js Show response singin.cr.rnufg.jp.xzoyvzl3b.cn/static/js/	3 KB 2 KB	242ms 242ms	Script application/javascript	204.44.68.164 ASN-QUADRANET-GLOBAL
General Check archive.org Show headers Download Go to Full URL https://singin.cr.rnufg.jp.xzoyvzl3b.cn/static/js/app.0.098329443184525631653410800215.js Requested by Host: singin.cr.rnufg.jp.xzoyvzl3b.cn URL: https://singin.cr.rnufg.jp.xzoyvzl3b.cn/newsplus/cardBrand0013/lid/news_ja/index?mode=sp Protocol H2 Security TLS 1.3, , AES_256_GCM Server 204.44.68.164 Los Angeles, United States, ASN8100 (ASN-QUADRANET-GLOBAL, US), Reverse DNS 204.44.68.164.static.quadranet.com Software Apache / Resource Hash 4b7b355ee3b6bf3009342b7219968c23a164f01e10eb3d7f02e57360a09679ac Request headers accept-language jp-JP,jp;q=0.9 Referer https://singin.cr.rnufg.jp.xzoyvzl3b.cn/newsplus/cardBrand0013/lid/news_ja/index?mode=sp User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36 Response headers date Wed, 25 May 2022 03:08:12 GMT content-encoding gzip last-modified Wed, 25 May 2022 00:46:54 GMT server Apache etag "d8b-5dfcb68d99b80-gzip" vary Accept-Encoding content-type application/javascript accept-ranges bytes content-length 1493
GET H2	200	2.0.61286541169754231653410800215.js Show response singin.cr.rnufg.jp.xzoyvzl3b.cn/static/js/	71 KB 45 KB	241ms 240ms	Script application/javascript	204.44.68.164 ASN-QUADRANET-GLOBAL
General Check archive.org Show headers Download Go to Full URL https://singin.cr.rnufg.jp.xzoyvzl3b.cn/static/js/2.0.61286541169754231653410800215.js Requested by Host: singin.cr.rnufg.jp.xzoyvzl3b.cn URL: https://singin.cr.rnufg.jp.xzoyvzl3b.cn/static/js/1653410800215.0.098329443184525631653410800215.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 204.44.68.164 Los Angeles, United States, ASN8100 (ASN-QUADRANET-GLOBAL, US), Reverse DNS 204.44.68.164.static.quadranet.com Software Apache / Resource Hash 39528e1be8c50f74c353e5779b1f466ee58d1c5ce7443077630355e1578e1764 Request headers accept-language jp-JP,jp;q=0.9 Referer https://singin.cr.rnufg.jp.xzoyvzl3b.cn/newsplus/cardBrand0013/lid/news_ja/index?mode=sp User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36 Response headers date Wed, 25 May 2022 03:08:14 GMT content-encoding gzip last-modified Wed, 25 May 2022 00:46:54 GMT server Apache etag "11b5c-5dfcb68d99b80-gzip" vary Accept-Encoding content-type application/javascript accept-ranges bytes
GET DATA	200 OK	truncated /	8 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash e49fa26ee4876e79e8c467cd465ea52c16976a5b5d48eb0debd21f9ca0e20f4f Request headers accept-language jp-JP,jp;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36 Response headers Content-Type image/png
GET DATA	200 OK	truncated /	5 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 312b9fa9a58397fe88dd293b3287c3ef83b91c3233ca941aa9d0e2d600fb6a33 Request headers accept-language jp-JP,jp;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36 Response headers Content-Type image/png
GET DATA	200 OK	truncated /	1 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash b768935f52cf68fde3ed1e5c9d497c747e6425deb4035a697f8ce276753b3962 Request headers accept-language jp-JP,jp;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36 Response headers Content-Type image/png
GET DATA	200 OK	truncated /	3 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 2cabbccc3abc56ba8fcea48e3cf4b167617de9647cb4d28ace844fc4ebfebbff Request headers accept-language jp-JP,jp;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36 Response headers Content-Type image/png
GET DATA	200 OK	truncated /	4 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 7cdfb3c9638d76088f839359838c8e866fd157949b39966fa8843c8fe0b09a9d Request headers accept-language jp-JP,jp;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36 Response headers Content-Type image/png
GET DATA	200 OK	truncated /	4 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 9a577180d63af91b2384c9209e114325399e7877159eb06cfaeb8e3ac16d87f9 Request headers accept-language jp-JP,jp;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36 Response headers Content-Type image/png
GET DATA	200 OK	truncated /	7 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash e35a2ef4a53b81daf35cd980bd377ca19ce87b2afe14870c3ce9ff6e0d6c0ea0 Request headers accept-language jp-JP,jp;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36 Response headers Content-Type image/png
GET DATA	200 OK	truncated /	6 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 32f130f5fa6c1621ff325fbddb92709681cb0f96237cf078360c8d2a906e092a Request headers accept-language jp-JP,jp;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36 Response headers Content-Type image/png
GET DATA	200 OK	truncated /	6 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 159b4da7e1be69f72f4801a1287af455735447c28810185429bc0c76aba5d315 Request headers accept-language jp-JP,jp;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36 Response headers Content-Type image/png
GET DATA	200 OK	truncated /	4 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 8fbe7f781ca130b05f7b27bd0c4563c9976739a1541aa0e453207e8ec764afec Request headers accept-language jp-JP,jp;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36 Response headers Content-Type image/png

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: MUFG (Banking)

15 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| oncontextlost object| oncontextrestored function| structuredClone function| getScreenDetails function| webpackJsonp object| __core-js_shared__ object| core object| global object| System function| asap function| Observable function| setImmediate function| clearImmediate object| regeneratorRuntime boolean| _babelPolyfill

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

singin.cr.rnufg.jp.xzoyvzl3b.cn
204.44.68.164
159b4da7e1be69f72f4801a1287af455735447c28810185429bc0c76aba5d315
2cabbccc3abc56ba8fcea48e3cf4b167617de9647cb4d28ace844fc4ebfebbff
312b9fa9a58397fe88dd293b3287c3ef83b91c3233ca941aa9d0e2d600fb6a33
32f130f5fa6c1621ff325fbddb92709681cb0f96237cf078360c8d2a906e092a
38eba71c37e843e74fff964854c4238f80d0fb9298420d2a6d8bad7dbcd34f72
39528e1be8c50f74c353e5779b1f466ee58d1c5ce7443077630355e1578e1764
4b7b355ee3b6bf3009342b7219968c23a164f01e10eb3d7f02e57360a09679ac
71762a828a162bf8f9dbd227b9522161b4c083f9d2bd193c1013104440d80661
7cdfb3c9638d76088f839359838c8e866fd157949b39966fa8843c8fe0b09a9d
8fbe7f781ca130b05f7b27bd0c4563c9976739a1541aa0e453207e8ec764afec
9a577180d63af91b2384c9209e114325399e7877159eb06cfaeb8e3ac16d87f9
b768935f52cf68fde3ed1e5c9d497c747e6425deb4035a697f8ce276753b3962
d98ae7399e0928efa6cdf55572104362747c3a71a84ef62a594999a7241c2359
e35a2ef4a53b81daf35cd980bd377ca19ce87b2afe14870c3ce9ff6e0d6c0ea0
e49fa26ee4876e79e8c467cd465ea52c16976a5b5d48eb0debd21f9ca0e20f4f