www.mufg-jp.biz
116.206.92.161
Malicious Activity!
Public Scan
Submission: On August 12 via automatic, source phishtank
Summary
This is the only time www.mufg-jp.biz was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: MUFG (Banking)
Domain & IP information
Requests | IP Address | AS Autonomous System |
---|---|---|
10 | 116.206.92.161 | 58879 (ANCHNET Shanghai Anchang Network Security Technology Co.) |
10 | 1 |
ASN58879 (ANCHNET Shanghai Anchang Network Security Technology Co.,Ltd., CN)
www.mufg-jp.biz |
Requests | Apex Domain / Subdomains | Transfer |
---|---|---|
10 | mufg-jp.biz: www.mufg-jp.biz | 38 KB |
10 | 1 |
Requests | Domain | Requested by |
---|---|---|
10 | www.mufg-jp.biz | www.mufg-jp.biz |
10 | 1 |
This site contains no links.
Subject Issuer | Validity | Valid |
---|---|---|
This page contains 1 frames:
Primary Page:
http://www.mufg-jp.biz/service/visitors/asps/sinkitou
Frame ID: 88D9EF2800F8851219440D6242E7CB3F
Requests: 10 HTTP requests in this frame
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
10 HTTP transactions
Method Protocol | Resource Path | Size x-fer | Type MIME-Type |
---|---|---|---|
GET H/1.1 | sinkitou www.mufg-jp.biz/service/visitors/asps/ (Primary Request, Cookie set) | 31 KB 7 KB | Document text/html |
GET H/1.1 | prp.css www.mufg-jp.biz/css/ | 14 KB 3 KB | Stylesheet text/css |
GET H/1.1 | id_header.gif www.mufg-jp.biz/images/ | 2 KB 2 KB | Image image/gif |
GET H/1.1 | idtouroku_title.gif www.mufg-jp.biz/images/ | 674 B 912 B | Image image/gif |
GET H/1.1 | navy_t.gif www.mufg-jp.biz/images/ | 301 B 539 B | Image image/gif |
GET H/1.1 | spacer.gif www.mufg-jp.biz/images/ | 43 B 279 B | Image image/gif |
GET H/1.1 | id_card.gif www.mufg-jp.biz/images/ | 12 KB 12 KB | Image image/gif |
GET H/1.1 | next.gif www.mufg-jp.biz/images/ | 529 B 767 B | Image image/gif |
GET H/1.1 | copy.gif www.mufg-jp.biz/images/ | 3 KB 3 KB | Image image/gif |
GET H/1.1 | mbox.js www.mufg-jp.biz/js/ | 25 KB 8 KB | Script application/x-javascript |
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: MUFG (Banking)
47 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
function| setFocus function| InputCheck function| PassCheck function| SubmitCheck function| Button01_Click function| checkHan function| checkEmail function| checkPassword string| mboxCopyright number| mboxVersion object| mboxFactories object| mboxFactoryDefault function| mboxLoadSCPlugin function| mboxUrlBuilder function| mboxStandardFetcher function| mboxAjaxFetcher function| mboxMap function| mboxFactory function| mboxSignaler function| mboxList function| mboxLocatorDefault function| mboxLocatorNode function| mboxCreate function| mboxDefine function| mboxUpdate function| mbox function| mboxOfferContent function| mboxOfferAjax function| mboxOfferDefault function| mboxCookieManager function| mboxSession function| mboxPC function| mboxGetPageParameter function| mboxSetCookie function| mboxGetCookie function| mboxCookiePageDomain function| mboxShiftArray function| mboxGenerateId function| mboxScreenHeight function| mboxScreenWidth function| mboxBrowserWidth function| mboxBrowserHeight function| mboxBrowserTimeOffset function| mboxScreenColorDepth function| mboxScPluginFetcher function| mboxStandardScPluginFetcher function| mboxAjaxScPluginFetcher
3 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.mufg-jp.biz/ | Name: mbox Value: check#true#1534039642|session#1534039581502-684065#1534041442 |
www.mufg-jp.biz/ | Name: laravel_session Value: eyJpdiI6ImRCMTVzT2doMTZDTWprK0htV2lkcFE9PSIsInZhbHVlIjoiTkJtUWQxd3llMHBlSTR0WjVSY1MrMkVadE1mU2JPdU9YQ1FlenlldloxeTdhNXJmMDdRWnFQZzh2amo0RXV5bDJsd2dwUG45SWw3eUdIZHJ3dWxveWc9PSIsIm1hYyI6ImQ3MTA1ZDUxM2Y4N2IyN2YyNzA2NzJmODUxYTAzY2YyNzU3NTE1NTlhY2M4OWM4OGVhMDdiNTYxNWI4ZWQzYzMifQ%3D%3D |
www.mufg-jp.biz/ | Name: XSRF-TOKEN Value: eyJpdiI6IjNCN3hsdUozQU5YN014MVlsZUFWbEE9PSIsInZhbHVlIjoiZWI1aEpvNHVHSnpUM1FoV3hpNlZ0bTJlUFJwaXZFUmFJM2NmNHFxS082Wm1LdERxa0pFSVBIcFE4MHBDMEEzZG90SkhpU0xzdEl6WmZucGN5blJsS2c9PSIsIm1hYyI6IjQ3NGM0MWE4Y2Y0Mzc5YzY4OGQ1ODhjMjBmZTIwZjJiMzZiOGZkOTQzMTUxMTFmNGZlNDQyNGY5ZWYyOTM5OTIifQ%3D%3D |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
www.mufg-jp.biz
116.206.92.161