www.mufg-jp.biz Open in urlscan Pro
116.206.92.161 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
http://www.mufg-jp.biz/service/visitors/asps/sinkitou
Submission: On August 12 via automatic, source phishtank (August 12th 2018, 2:06:33 am UTC)

Summary HTTP 10 Redirects Behaviour Indicators

Summary

This website contacted 1 IPs in 1 countries across 1 domains to perform 10 HTTP transactions. The main IP is 116.206.92.161, located in Baoan, China and belongs to ANCHNET Shanghai Anchang Network Security Technology Co.,Ltd., CN. The main domain is www.mufg-jp.biz.

This is the only time www.mufg-jp.biz was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: MUFG (Banking)

Domain & IP information

	IP Address		AS Autonomous System
10	116.206.92.161 116.206.92.161		58879 (ANCHNET S...) (ANCHNET Shanghai Anchang Network Security Technology Co.)
10	1

10 116.206.92.161 (Baoan, China)

ASN58879 (ANCHNET Shanghai Anchang Network Security Technology Co.,Ltd., CN)

www.mufg-jp.biz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
10	mufg-jp.biz www.mufg-jp.biz	38 KB
10	1

	Domain	Requested by
10	www.mufg-jp.biz	www.mufg-jp.biz
10	1

This site contains no links.

Subject Issuer	Validity	Valid

This page contains 1 frames:

Primary Page: http://www.mufg-jp.biz/service/visitors/asps/sinkitou
Frame ID: 88D9EF2800F8851219440D6242E7CB3F
Requests: 10 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Page Statistics

10
Requests

0 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

38 kB
Transfer

87 kB
Size

3
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

10 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request Cookie set sinkitou Show response www.mufg-jp.biz/service/visitors/asps/	31 KB 7 KB	542ms 542ms	Document text/html	116.206.92.161 ANCHNET Shanghai ...
General Check archive.org Show headers Download Go to Full URL http://www.mufg-jp.biz/service/visitors/asps/sinkitou Protocol HTTP/1.1 Server 116.206.92.161 Baoan, China, ASN58879 (ANCHNET Shanghai Anchang Network Security Technology Co.,Ltd., CN), Reverse DNS Software nginx/1.11.5 / PHP/5.6.27 Resource Hash `66af2a8377770eaa07196f4fb20aacbf2a1ac98a7a51890fd8b6114d1bb8a11f` Request headers Host www.mufg-jp.biz Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8 Accept-Encoding gzip, deflate Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 X-DevTools-Emulate-Network-Conditions-Client-Id 88D9EF2800F8851219440D6242E7CB3F Response headers Server nginx/1.11.5 Content-Type text/html; charset=UTF-8 Transfer-Encoding chunked Connection keep-alive Vary Accept-Encoding X-Powered-By PHP/5.6.27 Cache-Control no-cache, private Date Sun, 12 Aug 2018 02:06:20 GMT Set-Cookie XSRF-TOKEN=eyJpdiI6IjNCN3hsdUozQU5YN014MVlsZUFWbEE9PSIsInZhbHVlIjoiZWI1aEpvNHVHSnpUM1FoV3hpNlZ0bTJlUFJwaXZFUmFJM2NmNHFxS082Wm1LdERxa0pFSVBIcFE4MHBDMEEzZG90SkhpU0xzdEl6WmZucGN5blJsS2c9PSIsIm1hYyI6IjQ3NGM0MWE4Y2Y0Mzc5YzY4OGQ1ODhjMjBmZTIwZjJiMzZiOGZkOTQzMTUxMTFmNGZlNDQyNGY5ZWYyOTM5OTIifQ%3D%3D; expires=Sun, 12-Aug-2018 04:06:20 GMT; Max-Age=7200; path=/ laravel_session=eyJpdiI6ImRCMTVzT2doMTZDTWprK0htV2lkcFE9PSIsInZhbHVlIjoiTkJtUWQxd3llMHBlSTR0WjVSY1MrMkVadE1mU2JPdU9YQ1FlenlldloxeTdhNXJmMDdRWnFQZzh2amo0RXV5bDJsd2dwUG45SWw3eUdIZHJ3dWxveWc9PSIsIm1hYyI6ImQ3MTA1ZDUxM2Y4N2IyN2YyNzA2NzJmODUxYTAzY2YyNzU3NTE1NTlhY2M4OWM4OGVhMDdiNTYxNWI4ZWQzYzMifQ%3D%3D; expires=Sun, 12-Aug-2018 04:06:20 GMT; Max-Age=7200; path=/; httponly Content-Encoding gzip
GET H/1.1	200 OK	prp.css www.mufg-jp.biz/css/	14 KB 3 KB	260ms 259ms	Stylesheet text/css	116.206.92.161 ANCHNET Shanghai ...
General Check archive.org Show headers Download Go to Full URL http://www.mufg-jp.biz/css/prp.css Requested by Host: www.mufg-jp.biz URL: http://www.mufg-jp.biz/service/visitors/asps/sinkitou Protocol HTTP/1.1 Server 116.206.92.161 Baoan, China, ASN58879 (ANCHNET Shanghai Anchang Network Security Technology Co.,Ltd., CN), Reverse DNS Software nginx/1.11.5 / Resource Hash `18e38cfe36d06aa7dafdfa7cc5243f222451f35b3e4e4ec4535e11096ad6d058` Request headers Pragma no-cache Accept-Encoding gzip, deflate Host www.mufg-jp.biz User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Accept text/css,/;q=0.1 Referer http://www.mufg-jp.biz/service/visitors/asps/sinkitou Cookie XSRF-TOKEN=eyJpdiI6IjNCN3hsdUozQU5YN014MVlsZUFWbEE9PSIsInZhbHVlIjoiZWI1aEpvNHVHSnpUM1FoV3hpNlZ0bTJlUFJwaXZFUmFJM2NmNHFxS082Wm1LdERxa0pFSVBIcFE4MHBDMEEzZG90SkhpU0xzdEl6WmZucGN5blJsS2c9PSIsIm1hYyI6IjQ3NGM0MWE4Y2Y0Mzc5YzY4OGQ1ODhjMjBmZTIwZjJiMzZiOGZkOTQzMTUxMTFmNGZlNDQyNGY5ZWYyOTM5OTIifQ%3D%3D; laravel_session=eyJpdiI6ImRCMTVzT2doMTZDTWprK0htV2lkcFE9PSIsInZhbHVlIjoiTkJtUWQxd3llMHBlSTR0WjVSY1MrMkVadE1mU2JPdU9YQ1FlenlldloxeTdhNXJmMDdRWnFQZzh2amo0RXV5bDJsd2dwUG45SWw3eUdIZHJ3dWxveWc9PSIsIm1hYyI6ImQ3MTA1ZDUxM2Y4N2IyN2YyNzA2NzJmODUxYTAzY2YyNzU3NTE1NTlhY2M4OWM4OGVhMDdiNTYxNWI4ZWQzYzMifQ%3D%3D Connection keep-alive Cache-Control no-cache Referer http://www.mufg-jp.biz/service/visitors/asps/sinkitou User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Sun, 12 Aug 2018 02:06:20 GMT Content-Encoding gzip Last-Modified Mon, 20 Mar 2017 09:26:49 GMT Server nginx/1.11.5 ETag W/"58cfa059-3921" Vary Accept-Encoding Content-Type text/css Transfer-Encoding chunked Connection keep-alive
GET H/1.1	200 OK	id_header.gif www.mufg-jp.biz/images/	2 KB 2 KB	255ms 254ms	Image image/gif	116.206.92.161 ANCHNET Shanghai ...
General Check archive.org Show headers Download Go to Show image Full URL http://www.mufg-jp.biz/images/id_header.gif Requested by Host: www.mufg-jp.biz URL: http://www.mufg-jp.biz/service/visitors/asps/sinkitou Protocol HTTP/1.1 Server 116.206.92.161 Baoan, China, ASN58879 (ANCHNET Shanghai Anchang Network Security Technology Co.,Ltd., CN), Reverse DNS Software nginx/1.11.5 / Resource Hash `d4b0c975708e3c0ab9965254e93a129690444312c0833555dbe02f933836a2aa` Request headers Pragma no-cache Accept-Encoding gzip, deflate Host www.mufg-jp.biz User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Accept image/webp,image/apng,image/,/;q=0.8 Referer* http://www.mufg-jp.biz/service/visitors/asps/sinkitou Cookie XSRF-TOKEN=eyJpdiI6IjNCN3hsdUozQU5YN014MVlsZUFWbEE9PSIsInZhbHVlIjoiZWI1aEpvNHVHSnpUM1FoV3hpNlZ0bTJlUFJwaXZFUmFJM2NmNHFxS082Wm1LdERxa0pFSVBIcFE4MHBDMEEzZG90SkhpU0xzdEl6WmZucGN5blJsS2c9PSIsIm1hYyI6IjQ3NGM0MWE4Y2Y0Mzc5YzY4OGQ1ODhjMjBmZTIwZjJiMzZiOGZkOTQzMTUxMTFmNGZlNDQyNGY5ZWYyOTM5OTIifQ%3D%3D; laravel_session=eyJpdiI6ImRCMTVzT2doMTZDTWprK0htV2lkcFE9PSIsInZhbHVlIjoiTkJtUWQxd3llMHBlSTR0WjVSY1MrMkVadE1mU2JPdU9YQ1FlenlldloxeTdhNXJmMDdRWnFQZzh2amo0RXV5bDJsd2dwUG45SWw3eUdIZHJ3dWxveWc9PSIsIm1hYyI6ImQ3MTA1ZDUxM2Y4N2IyN2YyNzA2NzJmODUxYTAzY2YyNzU3NTE1NTlhY2M4OWM4OGVhMDdiNTYxNWI4ZWQzYzMifQ%3D%3D Connection keep-alive Cache-Control no-cache Referer http://www.mufg-jp.biz/service/visitors/asps/sinkitou User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Sun, 12 Aug 2018 02:06:20 GMT Last-Modified Mon, 20 Mar 2017 09:27:12 GMT Server nginx/1.11.5 ETag "58cfa070-6b2" Content-Type image/gif Connection keep-alive Accept-Ranges bytes Content-Length 1714
GET H/1.1	200 OK	idtouroku_title.gif www.mufg-jp.biz/images/	674 B 912 B	512ms 512ms	Image image/gif	116.206.92.161 ANCHNET Shanghai ...
General Check archive.org Show headers Download Go to Show image Full URL http://www.mufg-jp.biz/images/idtouroku_title.gif Requested by Host: www.mufg-jp.biz URL: http://www.mufg-jp.biz/service/visitors/asps/sinkitou Protocol HTTP/1.1 Server 116.206.92.161 Baoan, China, ASN58879 (ANCHNET Shanghai Anchang Network Security Technology Co.,Ltd., CN), Reverse DNS Software nginx/1.11.5 / Resource Hash `e2c7622784910343e340730d7501da1ff61e336ba1ef4b902b67ef5cc9789791` Request headers Pragma no-cache Accept-Encoding gzip, deflate Host www.mufg-jp.biz User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Accept image/webp,image/apng,image/,/;q=0.8 Referer* http://www.mufg-jp.biz/service/visitors/asps/sinkitou Cookie XSRF-TOKEN=eyJpdiI6IjNCN3hsdUozQU5YN014MVlsZUFWbEE9PSIsInZhbHVlIjoiZWI1aEpvNHVHSnpUM1FoV3hpNlZ0bTJlUFJwaXZFUmFJM2NmNHFxS082Wm1LdERxa0pFSVBIcFE4MHBDMEEzZG90SkhpU0xzdEl6WmZucGN5blJsS2c9PSIsIm1hYyI6IjQ3NGM0MWE4Y2Y0Mzc5YzY4OGQ1ODhjMjBmZTIwZjJiMzZiOGZkOTQzMTUxMTFmNGZlNDQyNGY5ZWYyOTM5OTIifQ%3D%3D; laravel_session=eyJpdiI6ImRCMTVzT2doMTZDTWprK0htV2lkcFE9PSIsInZhbHVlIjoiTkJtUWQxd3llMHBlSTR0WjVSY1MrMkVadE1mU2JPdU9YQ1FlenlldloxeTdhNXJmMDdRWnFQZzh2amo0RXV5bDJsd2dwUG45SWw3eUdIZHJ3dWxveWc9PSIsIm1hYyI6ImQ3MTA1ZDUxM2Y4N2IyN2YyNzA2NzJmODUxYTAzY2YyNzU3NTE1NTlhY2M4OWM4OGVhMDdiNTYxNWI4ZWQzYzMifQ%3D%3D Connection keep-alive Cache-Control no-cache Referer http://www.mufg-jp.biz/service/visitors/asps/sinkitou User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Sun, 12 Aug 2018 02:06:20 GMT Last-Modified Mon, 20 Mar 2017 09:27:13 GMT Server nginx/1.11.5 ETag "58cfa071-2a2" Content-Type image/gif Connection keep-alive Accept-Ranges bytes Content-Length 674
GET H/1.1	200 OK	navy_t.gif www.mufg-jp.biz/images/	301 B 539 B	513ms 512ms	Image image/gif	116.206.92.161 ANCHNET Shanghai ...
General Check archive.org Show headers Download Go to Show image Full URL http://www.mufg-jp.biz/images/navy_t.gif Requested by Host: www.mufg-jp.biz URL: http://www.mufg-jp.biz/service/visitors/asps/sinkitou Protocol HTTP/1.1 Server 116.206.92.161 Baoan, China, ASN58879 (ANCHNET Shanghai Anchang Network Security Technology Co.,Ltd., CN), Reverse DNS Software nginx/1.11.5 / Resource Hash `5062c162fd704919b0f0c8e7f07298f875adc79bc0b9de45699d9b05e734855b` Request headers Pragma no-cache Accept-Encoding gzip, deflate Host www.mufg-jp.biz User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Accept image/webp,image/apng,image/,/;q=0.8 Referer* http://www.mufg-jp.biz/service/visitors/asps/sinkitou Cookie XSRF-TOKEN=eyJpdiI6IjNCN3hsdUozQU5YN014MVlsZUFWbEE9PSIsInZhbHVlIjoiZWI1aEpvNHVHSnpUM1FoV3hpNlZ0bTJlUFJwaXZFUmFJM2NmNHFxS082Wm1LdERxa0pFSVBIcFE4MHBDMEEzZG90SkhpU0xzdEl6WmZucGN5blJsS2c9PSIsIm1hYyI6IjQ3NGM0MWE4Y2Y0Mzc5YzY4OGQ1ODhjMjBmZTIwZjJiMzZiOGZkOTQzMTUxMTFmNGZlNDQyNGY5ZWYyOTM5OTIifQ%3D%3D; laravel_session=eyJpdiI6ImRCMTVzT2doMTZDTWprK0htV2lkcFE9PSIsInZhbHVlIjoiTkJtUWQxd3llMHBlSTR0WjVSY1MrMkVadE1mU2JPdU9YQ1FlenlldloxeTdhNXJmMDdRWnFQZzh2amo0RXV5bDJsd2dwUG45SWw3eUdIZHJ3dWxveWc9PSIsIm1hYyI6ImQ3MTA1ZDUxM2Y4N2IyN2YyNzA2NzJmODUxYTAzY2YyNzU3NTE1NTlhY2M4OWM4OGVhMDdiNTYxNWI4ZWQzYzMifQ%3D%3D Connection keep-alive Cache-Control no-cache Referer http://www.mufg-jp.biz/service/visitors/asps/sinkitou User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Sun, 12 Aug 2018 02:06:20 GMT Last-Modified Mon, 20 Mar 2017 09:27:13 GMT Server nginx/1.11.5 ETag "58cfa071-12d" Content-Type image/gif Connection keep-alive Accept-Ranges bytes Content-Length 301
GET H/1.1	200 OK	spacer.gif www.mufg-jp.biz/images/	43 B 279 B	512ms 512ms	Image image/gif	116.206.92.161 ANCHNET Shanghai ...
General Check archive.org Show headers Download Go to Show image Full URL http://www.mufg-jp.biz/images/spacer.gif Requested by Host: www.mufg-jp.biz URL: http://www.mufg-jp.biz/service/visitors/asps/sinkitou Protocol HTTP/1.1 Server 116.206.92.161 Baoan, China, ASN58879 (ANCHNET Shanghai Anchang Network Security Technology Co.,Ltd., CN), Reverse DNS Software nginx/1.11.5 / Resource Hash `db5d64a9ea32ed3abb874f295003ef2465cecc2f669efe951930e182c34a5013` Request headers Pragma no-cache Accept-Encoding gzip, deflate Host www.mufg-jp.biz User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Accept image/webp,image/apng,image/,/;q=0.8 Referer* http://www.mufg-jp.biz/service/visitors/asps/sinkitou Cookie XSRF-TOKEN=eyJpdiI6IjNCN3hsdUozQU5YN014MVlsZUFWbEE9PSIsInZhbHVlIjoiZWI1aEpvNHVHSnpUM1FoV3hpNlZ0bTJlUFJwaXZFUmFJM2NmNHFxS082Wm1LdERxa0pFSVBIcFE4MHBDMEEzZG90SkhpU0xzdEl6WmZucGN5blJsS2c9PSIsIm1hYyI6IjQ3NGM0MWE4Y2Y0Mzc5YzY4OGQ1ODhjMjBmZTIwZjJiMzZiOGZkOTQzMTUxMTFmNGZlNDQyNGY5ZWYyOTM5OTIifQ%3D%3D; laravel_session=eyJpdiI6ImRCMTVzT2doMTZDTWprK0htV2lkcFE9PSIsInZhbHVlIjoiTkJtUWQxd3llMHBlSTR0WjVSY1MrMkVadE1mU2JPdU9YQ1FlenlldloxeTdhNXJmMDdRWnFQZzh2amo0RXV5bDJsd2dwUG45SWw3eUdIZHJ3dWxveWc9PSIsIm1hYyI6ImQ3MTA1ZDUxM2Y4N2IyN2YyNzA2NzJmODUxYTAzY2YyNzU3NTE1NTlhY2M4OWM4OGVhMDdiNTYxNWI4ZWQzYzMifQ%3D%3D Connection keep-alive Cache-Control no-cache Referer http://www.mufg-jp.biz/service/visitors/asps/sinkitou User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Sun, 12 Aug 2018 02:06:20 GMT Last-Modified Mon, 20 Mar 2017 09:27:13 GMT Server nginx/1.11.5 ETag "58cfa071-2b" Content-Type image/gif Connection keep-alive Accept-Ranges bytes Content-Length 43
GET H/1.1	200 OK	id_card.gif www.mufg-jp.biz/images/	12 KB 12 KB	522ms 522ms	Image image/gif	116.206.92.161 ANCHNET Shanghai ...
General Check archive.org Show headers Download Go to Show image Full URL http://www.mufg-jp.biz/images/id_card.gif Requested by Host: www.mufg-jp.biz URL: http://www.mufg-jp.biz/service/visitors/asps/sinkitou Protocol HTTP/1.1 Server 116.206.92.161 Baoan, China, ASN58879 (ANCHNET Shanghai Anchang Network Security Technology Co.,Ltd., CN), Reverse DNS Software nginx/1.11.5 / Resource Hash `f8e5f906cb136dcb7b90652b39b86cf55924ae599bbd5d367bba0e926bba2b02` Request headers Pragma no-cache Accept-Encoding gzip, deflate Host www.mufg-jp.biz User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Accept image/webp,image/apng,image/,/;q=0.8 Referer* http://www.mufg-jp.biz/service/visitors/asps/sinkitou Cookie XSRF-TOKEN=eyJpdiI6IjNCN3hsdUozQU5YN014MVlsZUFWbEE9PSIsInZhbHVlIjoiZWI1aEpvNHVHSnpUM1FoV3hpNlZ0bTJlUFJwaXZFUmFJM2NmNHFxS082Wm1LdERxa0pFSVBIcFE4MHBDMEEzZG90SkhpU0xzdEl6WmZucGN5blJsS2c9PSIsIm1hYyI6IjQ3NGM0MWE4Y2Y0Mzc5YzY4OGQ1ODhjMjBmZTIwZjJiMzZiOGZkOTQzMTUxMTFmNGZlNDQyNGY5ZWYyOTM5OTIifQ%3D%3D; laravel_session=eyJpdiI6ImRCMTVzT2doMTZDTWprK0htV2lkcFE9PSIsInZhbHVlIjoiTkJtUWQxd3llMHBlSTR0WjVSY1MrMkVadE1mU2JPdU9YQ1FlenlldloxeTdhNXJmMDdRWnFQZzh2amo0RXV5bDJsd2dwUG45SWw3eUdIZHJ3dWxveWc9PSIsIm1hYyI6ImQ3MTA1ZDUxM2Y4N2IyN2YyNzA2NzJmODUxYTAzY2YyNzU3NTE1NTlhY2M4OWM4OGVhMDdiNTYxNWI4ZWQzYzMifQ%3D%3D Connection keep-alive Cache-Control no-cache Referer http://www.mufg-jp.biz/service/visitors/asps/sinkitou User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Sun, 12 Aug 2018 02:06:20 GMT Last-Modified Mon, 20 Mar 2017 09:27:12 GMT Server nginx/1.11.5 ETag "58cfa070-2f50" Content-Type image/gif Connection keep-alive Accept-Ranges bytes Content-Length 12112
GET H/1.1	200 OK	next.gif www.mufg-jp.biz/images/	529 B 767 B	513ms 513ms	Image image/gif	116.206.92.161 ANCHNET Shanghai ...
General Check archive.org Show headers Download Go to Show image Full URL http://www.mufg-jp.biz/images/next.gif Requested by Host: www.mufg-jp.biz URL: http://www.mufg-jp.biz/service/visitors/asps/sinkitou Protocol HTTP/1.1 Server 116.206.92.161 Baoan, China, ASN58879 (ANCHNET Shanghai Anchang Network Security Technology Co.,Ltd., CN), Reverse DNS Software nginx/1.11.5 / Resource Hash `75a242a4e4193b3d5bffa61de9f1999c82864dfd042216628ee5d9bf7a9a9f9a` Request headers Pragma no-cache Accept-Encoding gzip, deflate Host www.mufg-jp.biz User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Accept image/webp,image/apng,image/,/;q=0.8 Referer* http://www.mufg-jp.biz/service/visitors/asps/sinkitou Cookie XSRF-TOKEN=eyJpdiI6IjNCN3hsdUozQU5YN014MVlsZUFWbEE9PSIsInZhbHVlIjoiZWI1aEpvNHVHSnpUM1FoV3hpNlZ0bTJlUFJwaXZFUmFJM2NmNHFxS082Wm1LdERxa0pFSVBIcFE4MHBDMEEzZG90SkhpU0xzdEl6WmZucGN5blJsS2c9PSIsIm1hYyI6IjQ3NGM0MWE4Y2Y0Mzc5YzY4OGQ1ODhjMjBmZTIwZjJiMzZiOGZkOTQzMTUxMTFmNGZlNDQyNGY5ZWYyOTM5OTIifQ%3D%3D; laravel_session=eyJpdiI6ImRCMTVzT2doMTZDTWprK0htV2lkcFE9PSIsInZhbHVlIjoiTkJtUWQxd3llMHBlSTR0WjVSY1MrMkVadE1mU2JPdU9YQ1FlenlldloxeTdhNXJmMDdRWnFQZzh2amo0RXV5bDJsd2dwUG45SWw3eUdIZHJ3dWxveWc9PSIsIm1hYyI6ImQ3MTA1ZDUxM2Y4N2IyN2YyNzA2NzJmODUxYTAzY2YyNzU3NTE1NTlhY2M4OWM4OGVhMDdiNTYxNWI4ZWQzYzMifQ%3D%3D Connection keep-alive Cache-Control no-cache Referer http://www.mufg-jp.biz/service/visitors/asps/sinkitou User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Sun, 12 Aug 2018 02:06:20 GMT Last-Modified Mon, 20 Mar 2017 09:27:13 GMT Server nginx/1.11.5 ETag "58cfa071-211" Content-Type image/gif Connection keep-alive Accept-Ranges bytes Content-Length 529
GET H/1.1	200 OK	copy.gif www.mufg-jp.biz/images/	3 KB 3 KB	1057ms 640ms	Image image/gif	116.206.92.161 ANCHNET Shanghai ...
General Check archive.org Show headers Download Go to Show image Full URL http://www.mufg-jp.biz/images/copy.gif Requested by Host: www.mufg-jp.biz URL: http://www.mufg-jp.biz/service/visitors/asps/sinkitou Protocol HTTP/1.1 Server 116.206.92.161 Baoan, China, ASN58879 (ANCHNET Shanghai Anchang Network Security Technology Co.,Ltd., CN), Reverse DNS Software nginx/1.11.5 / Resource Hash `607a63bebe4af9b51d0eb922b0fb4ff355514c9fc403ad4e9a5dad9697f0a961` Request headers Pragma no-cache Accept-Encoding gzip, deflate Host www.mufg-jp.biz User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Accept image/webp,image/apng,image/,/;q=0.8 Referer* http://www.mufg-jp.biz/service/visitors/asps/sinkitou Cookie XSRF-TOKEN=eyJpdiI6IjNCN3hsdUozQU5YN014MVlsZUFWbEE9PSIsInZhbHVlIjoiZWI1aEpvNHVHSnpUM1FoV3hpNlZ0bTJlUFJwaXZFUmFJM2NmNHFxS082Wm1LdERxa0pFSVBIcFE4MHBDMEEzZG90SkhpU0xzdEl6WmZucGN5blJsS2c9PSIsIm1hYyI6IjQ3NGM0MWE4Y2Y0Mzc5YzY4OGQ1ODhjMjBmZTIwZjJiMzZiOGZkOTQzMTUxMTFmNGZlNDQyNGY5ZWYyOTM5OTIifQ%3D%3D; laravel_session=eyJpdiI6ImRCMTVzT2doMTZDTWprK0htV2lkcFE9PSIsInZhbHVlIjoiTkJtUWQxd3llMHBlSTR0WjVSY1MrMkVadE1mU2JPdU9YQ1FlenlldloxeTdhNXJmMDdRWnFQZzh2amo0RXV5bDJsd2dwUG45SWw3eUdIZHJ3dWxveWc9PSIsIm1hYyI6ImQ3MTA1ZDUxM2Y4N2IyN2YyNzA2NzJmODUxYTAzY2YyNzU3NTE1NTlhY2M4OWM4OGVhMDdiNTYxNWI4ZWQzYzMifQ%3D%3D Connection keep-alive Cache-Control no-cache Referer http://www.mufg-jp.biz/service/visitors/asps/sinkitou User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Sun, 12 Aug 2018 02:06:21 GMT Last-Modified Mon, 20 Mar 2017 09:27:12 GMT Server nginx/1.11.5 ETag "58cfa070-a01" Content-Type image/gif Connection keep-alive Accept-Ranges bytes Content-Length 2561
GET H/1.1	200 OK	mbox.js Show response www.mufg-jp.biz/js/	25 KB 8 KB	442ms 442ms	Script application/x-javascript	116.206.92.161 ANCHNET Shanghai ...
General Check archive.org Show headers Download Go to Full URL http://www.mufg-jp.biz/js/mbox.js Requested by Host: www.mufg-jp.biz URL: http://www.mufg-jp.biz/service/visitors/asps/sinkitou Protocol HTTP/1.1 Server 116.206.92.161 Baoan, China, ASN58879 (ANCHNET Shanghai Anchang Network Security Technology Co.,Ltd., CN), Reverse DNS Software nginx/1.11.5 / Resource Hash `e1cc1dd9aa180bae8210677812b3dbb3d0ad0fb7fda9cbe07ce88d1fd868cc6b` Request headers Pragma no-cache Accept-Encoding gzip, deflate Host www.mufg-jp.biz User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Accept / Referer http://www.mufg-jp.biz/service/visitors/asps/sinkitou Cookie XSRF-TOKEN=eyJpdiI6IjNCN3hsdUozQU5YN014MVlsZUFWbEE9PSIsInZhbHVlIjoiZWI1aEpvNHVHSnpUM1FoV3hpNlZ0bTJlUFJwaXZFUmFJM2NmNHFxS082Wm1LdERxa0pFSVBIcFE4MHBDMEEzZG90SkhpU0xzdEl6WmZucGN5blJsS2c9PSIsIm1hYyI6IjQ3NGM0MWE4Y2Y0Mzc5YzY4OGQ1ODhjMjBmZTIwZjJiMzZiOGZkOTQzMTUxMTFmNGZlNDQyNGY5ZWYyOTM5OTIifQ%3D%3D; laravel_session=eyJpdiI6ImRCMTVzT2doMTZDTWprK0htV2lkcFE9PSIsInZhbHVlIjoiTkJtUWQxd3llMHBlSTR0WjVSY1MrMkVadE1mU2JPdU9YQ1FlenlldloxeTdhNXJmMDdRWnFQZzh2amo0RXV5bDJsd2dwUG45SWw3eUdIZHJ3dWxveWc9PSIsIm1hYyI6ImQ3MTA1ZDUxM2Y4N2IyN2YyNzA2NzJmODUxYTAzY2YyNzU3NTE1NTlhY2M4OWM4OGVhMDdiNTYxNWI4ZWQzYzMifQ%3D%3D Connection keep-alive Cache-Control no-cache Referer http://www.mufg-jp.biz/service/visitors/asps/sinkitou User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Sun, 12 Aug 2018 02:06:20 GMT Content-Encoding gzip Last-Modified Sat, 18 Mar 2017 07:28:16 GMT Server nginx/1.11.5 ETag W/"58cce190-6206" Vary Accept-Encoding Content-Type application/x-javascript Transfer-Encoding chunked Connection keep-alive

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: MUFG (Banking)

47 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.mufg-jp.biz/	1970-01-18 18:07:21	Name: mbox Value: check#true#1534039642\|session#1534039581502-684065#1534041442
www.mufg-jp.biz/	1970-01-18 18:07:26	Name: laravel_session Value: eyJpdiI6ImRCMTVzT2doMTZDTWprK0htV2lkcFE9PSIsInZhbHVlIjoiTkJtUWQxd3llMHBlSTR0WjVSY1MrMkVadE1mU2JPdU9YQ1FlenlldloxeTdhNXJmMDdRWnFQZzh2amo0RXV5bDJsd2dwUG45SWw3eUdIZHJ3dWxveWc9PSIsIm1hYyI6ImQ3MTA1ZDUxM2Y4N2IyN2YyNzA2NzJmODUxYTAzY2YyNzU3NTE1NTlhY2M4OWM4OGVhMDdiNTYxNWI4ZWQzYzMifQ%3D%3D
www.mufg-jp.biz/	1970-01-18 18:07:26	Name: XSRF-TOKEN Value: eyJpdiI6IjNCN3hsdUozQU5YN014MVlsZUFWbEE9PSIsInZhbHVlIjoiZWI1aEpvNHVHSnpUM1FoV3hpNlZ0bTJlUFJwaXZFUmFJM2NmNHFxS082Wm1LdERxa0pFSVBIcFE4MHBDMEEzZG90SkhpU0xzdEl6WmZucGN5blJsS2c9PSIsIm1hYyI6IjQ3NGM0MWE4Y2Y0Mzc5YzY4OGQ1ODhjMjBmZTIwZjJiMzZiOGZkOTQzMTUxMTFmNGZlNDQyNGY5ZWYyOTM5OTIifQ%3D%3D

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

www.mufg-jp.biz
116.206.92.161
18e38cfe36d06aa7dafdfa7cc5243f222451f35b3e4e4ec4535e11096ad6d058
5062c162fd704919b0f0c8e7f07298f875adc79bc0b9de45699d9b05e734855b
607a63bebe4af9b51d0eb922b0fb4ff355514c9fc403ad4e9a5dad9697f0a961
66af2a8377770eaa07196f4fb20aacbf2a1ac98a7a51890fd8b6114d1bb8a11f
75a242a4e4193b3d5bffa61de9f1999c82864dfd042216628ee5d9bf7a9a9f9a
d4b0c975708e3c0ab9965254e93a129690444312c0833555dbe02f933836a2aa
db5d64a9ea32ed3abb874f295003ef2465cecc2f669efe951930e182c34a5013
e1cc1dd9aa180bae8210677812b3dbb3d0ad0fb7fda9cbe07ce88d1fd868cc6b
e2c7622784910343e340730d7501da1ff61e336ba1ef4b902b67ef5cc9789791
f8e5f906cb136dcb7b90652b39b86cf55924ae599bbd5d367bba0e926bba2b02

www.mufg-jp.biz Open in urlscan Pro 116.206.92.161 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

10 Requests

0 %HTTPS

0 %IPv6

1 Domains

1 Subdomains

1 IPs

1 Countries

38 kBTransfer

87 kBSize

3 Cookies

0 Outgoing links

Redirected requests

10 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

47 JavaScript Global Variables

3 Cookies

Indicators

www.mufg-jp.biz Open in urlscan Pro
116.206.92.161 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

10
Requests

0 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

38 kB
Transfer

87 kB
Size

3
Cookies

10 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!