esumbank.buzz Open in urlscan Pro
45.152.84.215 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://esumbank.buzz/
Effective URL:
https://esumbank.buzz/index/index/login.html
Submission: On May 23 via automatic, source certstream-suspicious (May 23rd 2024, 9:59:03 am UTC) — Scanned from DE

Summary HTTP 16 Redirects Links 25 Behaviour Indicators

Summary

This website contacted 1 IPs in 1 countries across 1 domains to perform 16 HTTP transactions. The main IP is 45.152.84.215, located in San Francisco, United States and belongs to AS56971 AS56971 Cloud, HK. The main domain is esumbank.buzz.
TLS certificate: Issued by R3 on April 29th 2024. Valid for: 3 months.

This is the only time esumbank.buzz was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: JR East (Transportation)

Domain & IP information

	IP Address		AS Autonomous System
1 17	45.152.84.215 45.152.84.215		56971 (AS56971 A...) (AS56971 AS56971 Cloud)
16	1

17 45.152.84.215 (San Francisco, United States) 1 redirects

ASN56971 (AS56971 AS56971 Cloud, HK)

esumbank.buzz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
17	esumbank.buzz 1 redirects esumbank.buzz	1 MB
16	1

	Domain	Requested by
17	esumbank.buzz	1 redirects esumbank.buzz
16	1

This site contains links to these domains. Also see Links.

Domain
www.eki-net.com
secure.okbiz.okwave.jp
www.jreast.co.jp
my.jreast.co.jp

Subject Issuer	Validity	Valid
www.strech.top R3	`2024-04-29` - `2024-07-28`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://esumbank.buzz/index/index/login.html
Frame ID: 275CA184B45812C1C0A2AEE037ED445F
Requests: 15 HTTP requests in this frame

Frame: https://esumbank.buzz/index/index/index_1.html
Frame ID: 699614B66B023580B049D1FB6D2A3F95
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

えきねっと（JR東日本）｜ログイン

Page URL History Show full URLs

https://esumbank.buzz/ HTTP 302
https://esumbank.buzz/index/index/login.html Page URL

Detected technologies

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

Page Statistics

16
Requests

0 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

1257 kB
Transfer

1611 kB
Size

0
Cookies

25 Outgoing links

These are links going to different origins than the main page.

URL: https://www.eki-net.com/Personal/Top/Index

Search URL Search Domain Scan URL

URL: https://www.eki-net.com/Personal/reserve/wb/RouteSearchConditionInput/Index
Title: JRきっぷ申込／空席案内

Search URL Search Domain Scan URL

URL: https://www.eki-net.com/Personal/reserve/wb/JoyfulTrainsTop/Index
Title: のってたのしい列車（観光列車）の申込

Search URL Search Domain Scan URL

URL: https://www.eki-net.com/Personal/reserve/wb/GainTicketSearchConditionsInput/Index
Title: おトクなきっぷの申込

Search URL Search Domain Scan URL

URL: https://www.eki-net.com/top/jrticket/about/
Title: JRきっぷ申込とは

Search URL Search Domain Scan URL

URL: https://www.eki-net.com/top/tokudane/
Title: えきねっとトクだ値

Search URL Search Domain Scan URL

URL: https://www.eki-net.com/top/e-ticket/
Title: 新幹線eチケットサービス

Search URL Search Domain Scan URL

URL: https://www.eki-net.com/top/ticketless/
Title: えきねっとチケットレスサービス

Search URL Search Domain Scan URL

URL: https://www.eki-net.com/top/jrticket/guide/
Title: JRきっぷ申込ご利用ガイド

Search URL Search Domain Scan URL

URL: https://www.eki-net.com/travel/
Title: JRツアー

Search URL Search Domain Scan URL

URL: https://www.eki-net.com/top/rentcar/
Title: 駅レンタカー

Search URL Search Domain Scan URL

URL: https://www.eki-net.com/top/howto/
Title: 便利な使い方

Search URL Search Domain Scan URL

URL: https://www.eki-net.com/top/point/
Title: ポイント

Search URL Search Domain Scan URL

URL: https://www.eki-net.com/top/info/
Title: お問い合わせ

Search URL Search Domain Scan URL

URL: https://secure.okbiz.okwave.jp/eki-net/?site_domain=default
Title: よくある質問

Search URL Search Domain Scan URL

URL: https://www.jreast.co.jp/

Search URL Search Domain Scan URL

URL: https://www.eki-net.com/Personal/member/wb/ID/IDReminderApply
Title: えきねっとユーザーIDを忘れた

Search URL Search Domain Scan URL

URL: https://www.eki-net.com/Personal/member/wb/PW/PasswordRegistApply
Title: パスワードを忘れた

Search URL Search Domain Scan URL

URL: https://my.jreast.co.jp/web/ir/RenewPasswordRequestForm.aspx
Title: My JR-EASTのID・パスワードをお忘れの場合（My JR-EASTサイトへ）

Search URL Search Domain Scan URL

URL: https://www.eki-net.com/top/mail_magazine/
Title: メールマガジンのご案内

Search URL Search Domain Scan URL

URL: https://www.eki-net.com/top/service_time/
Title: サービス提供時間

Search URL Search Domain Scan URL

URL: https://www.eki-net.com/top/use/
Title: ご利用にあたって

Search URL Search Domain Scan URL

URL: https://www.eki-net.com/top/kiyaku/
Title: えきねっと利用に関する規約

Search URL Search Domain Scan URL

URL: https://www.eki-net.com/top/privacy/
Title: 個人情報の取扱いに関する基本方針

Search URL Search Domain Scan URL

URL: https://www.eki-net.com/top/sitemap/
Title: サイトマップ

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://esumbank.buzz/ HTTP 302
https://esumbank.buzz/index/index/login.html Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

16 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request login.html Show response esumbank.buzz/index/index/ Redirect Chain https://esumbank.buzz/ https://esumbank.buzz/index/index/login.html	23 KB 4 KB	191ms 190ms	Document text/html	45.152.84.215 AS56971 AS56971 C...
General Check archive.org Show headers Download Go to Full URL https://esumbank.buzz/index/index/login.html Protocol H2 Security TLS 1.3, , AES_256_GCM Server 45.152.84.215 San Francisco, United States, ASN56971 (AS56971 AS56971 Cloud, HK), Reverse DNS Software Apache / Resource Hash `c47a411aa3cd682df4e2b29d7e3d18900ca76f21f5251eb1933b21dac73594eb` Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" sec-ch-ua-mobile ?0 sec-ch-ua-platform "Win32" Response headers content-encoding gzip content-length 4283 content-type text/html; charset=utf-8 date Thu, 23 May 2024 09:58:58 GMT server Apache vary Accept-Encoding Redirect headers cache-control no-cache,must-revalidate content-length 0 content-type text/html; charset=utf-8 date Thu, 23 May 2024 09:58:58 GMT location /index/index/login.html server Apache
GET H2	200	common.css esumbank.buzz/static/css/	120 KB 14 KB	443ms 442ms	Stylesheet text/css	45.152.84.215 AS56971 AS56971 C...
General Check archive.org Show headers Download Go to Full URL https://esumbank.buzz/static/css/common.css Requested by Host: esumbank.buzz URL: https://esumbank.buzz/index/index/login.html Protocol H2 Security TLS 1.3, , AES_256_GCM Server 45.152.84.215 San Francisco, United States, ASN56971 (AS56971 AS56971 Cloud, HK), Reverse DNS Software Apache / Resource Hash `c3c06cab11490cda8fa71c1fb7b633367a8065180a6fab532500f647bf248e29` Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://esumbank.buzz/index/index/login.html Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 23 May 2024 09:58:58 GMT content-encoding gzip last-modified Fri, 31 Dec 2021 08:05:54 GMT server Apache etag "1e065-5d46ca3d8bc80-gzip" vary Accept-Encoding content-type text/css accept-ranges bytes content-length 14629
GET H2	200	module.css esumbank.buzz/static/css/	74 KB 10 KB	298ms 297ms	Stylesheet text/css	45.152.84.215 AS56971 AS56971 C...
General Check archive.org Show headers Download Go to Full URL https://esumbank.buzz/static/css/module.css Requested by Host: esumbank.buzz URL: https://esumbank.buzz/index/index/login.html Protocol H2 Security TLS 1.3, , AES_256_GCM Server 45.152.84.215 San Francisco, United States, ASN56971 (AS56971 AS56971 Cloud, HK), Reverse DNS Software Apache / Resource Hash `f32ac72b33743b0a8fcf63463ab1859bc72d25ebe3c02e8249c10420b8ed2a06` Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://esumbank.buzz/index/index/login.html Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 23 May 2024 09:58:58 GMT content-encoding gzip last-modified Fri, 31 Dec 2021 08:05:54 GMT server Apache etag "12779-5d46ca3d8bc80-gzip" vary Accept-Encoding content-type text/css accept-ranges bytes content-length 10179
GET H2	200	member.css esumbank.buzz/static/css/	20 KB 3 KB	151ms 150ms	Stylesheet text/css	45.152.84.215 AS56971 AS56971 C...
General Check archive.org Show headers Download Go to Full URL https://esumbank.buzz/static/css/member.css Requested by Host: esumbank.buzz URL: https://esumbank.buzz/index/index/login.html Protocol H2 Security TLS 1.3, , AES_256_GCM Server 45.152.84.215 San Francisco, United States, ASN56971 (AS56971 AS56971 Cloud, HK), Reverse DNS Software Apache / Resource Hash `8e4d01ee0450f9f5e21ea7178dd0aad676fcebf6808a1a550fddc686fba02542` Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://esumbank.buzz/index/index/login.html Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 23 May 2024 09:58:58 GMT content-encoding gzip last-modified Fri, 31 Dec 2021 08:05:54 GMT server Apache etag "4fe7-5d46ca3d8bc80-gzip" vary Accept-Encoding content-type text/css accept-ranges bytes content-length 3214
GET H2	200	style.css esumbank.buzz/static/css/	39 KB 6 KB	295ms 295ms	Stylesheet text/css	45.152.84.215 AS56971 AS56971 C...
General Check archive.org Show headers Download Go to Full URL https://esumbank.buzz/static/css/style.css Requested by Host: esumbank.buzz URL: https://esumbank.buzz/index/index/login.html Protocol H2 Security TLS 1.3, , AES_256_GCM Server 45.152.84.215 San Francisco, United States, ASN56971 (AS56971 AS56971 Cloud, HK), Reverse DNS Software Apache / Resource Hash `c6c23411a9fa7eb2bc546e6269c8243b2efc179dbe9dcedafc141d03057375ec` Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://esumbank.buzz/index/index/login.html Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 23 May 2024 09:58:58 GMT content-encoding gzip last-modified Fri, 31 Dec 2021 08:05:56 GMT server Apache etag "9a27-5d46ca3f74100-gzip" vary Accept-Encoding content-type text/css accept-ranges bytes content-length 6590
GET H2	200	top_searchparts.css esumbank.buzz/static/css/	119 KB 12 KB	347ms 347ms	Stylesheet text/css	45.152.84.215 AS56971 AS56971 C...
General Check archive.org Show headers Download Go to Full URL https://esumbank.buzz/static/css/top_searchparts.css Requested by Host: esumbank.buzz URL: https://esumbank.buzz/index/index/login.html Protocol H2 Security TLS 1.3, , AES_256_GCM Server 45.152.84.215 San Francisco, United States, ASN56971 (AS56971 AS56971 Cloud, HK), Reverse DNS Software Apache / Resource Hash `6b6805e990d1063ebbf30e49162bf04f8ec247ffa96e1872e4b0d8d3f7e3a02f` Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://esumbank.buzz/index/index/login.html Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 23 May 2024 09:58:58 GMT content-encoding gzip last-modified Fri, 31 Dec 2021 08:05:56 GMT server Apache etag "1db4d-5d46ca3f74100-gzip" vary Accept-Encoding content-type text/css accept-ranges bytes content-length 12592
GET H2	200	load_font.css esumbank.buzz/static/css/	786 B 401 B	151ms 151ms	Stylesheet text/css	45.152.84.215 AS56971 AS56971 C...
General Check archive.org Show headers Download Go to Full URL https://esumbank.buzz/static/css/load_font.css Requested by Host: esumbank.buzz URL: https://esumbank.buzz/index/index/login.html Protocol H2 Security TLS 1.3, , AES_256_GCM Server 45.152.84.215 San Francisco, United States, ASN56971 (AS56971 AS56971 Cloud, HK), Reverse DNS Software Apache / Resource Hash `bdd84e5ef5aa059a934dc05de1d463e3d1d875727859f301a940426c16e805d8` Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://esumbank.buzz/index/index/login.html Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 23 May 2024 09:58:58 GMT content-encoding gzip last-modified Fri, 31 Dec 2021 08:05:56 GMT server Apache etag "312-5d46ca3f74100-gzip" vary Accept-Encoding content-type text/css accept-ranges bytes content-length 324
GET H2	200	logo_ekinet.png esumbank.buzz/static/images/	7 KB 7 KB	434ms 433ms	Image image/png	45.152.84.215 AS56971 AS56971 C...
General Check archive.org Show headers Download Go to Show image Full URL https://esumbank.buzz/static/images/logo_ekinet.png Requested by Host: esumbank.buzz URL: https://esumbank.buzz/index/index/login.html Protocol H2 Security TLS 1.3, , AES_256_GCM Server 45.152.84.215 San Francisco, United States, ASN56971 (AS56971 AS56971 Cloud, HK), Reverse DNS Software Apache / Resource Hash `3f7c549cfacde11c4129c09b1908d106126d823682cc758f70fc046638d7746b` Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://esumbank.buzz/index/index/login.html Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 23 May 2024 09:58:58 GMT last-modified Fri, 31 Dec 2021 07:45:10 GMT server Apache accept-ranges bytes etag "1d38-5d46c59b2cd80" content-length 7480 content-type image/png
GET H2	200	logo_jreast.png esumbank.buzz/static/images/	3 KB 3 KB	434ms 433ms	Image image/png	45.152.84.215 AS56971 AS56971 C...
General Check archive.org Show headers Download Go to Show image Full URL https://esumbank.buzz/static/images/logo_jreast.png Requested by Host: esumbank.buzz URL: https://esumbank.buzz/index/index/login.html Protocol H2 Security TLS 1.3, , AES_256_GCM Server 45.152.84.215 San Francisco, United States, ASN56971 (AS56971 AS56971 Cloud, HK), Reverse DNS Software Apache / Resource Hash `ba4924716ed0580ae30f974eebb97421a2c10c1e2cf61e8ad60fcd39d8fbca30` Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://esumbank.buzz/index/index/login.html Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 23 May 2024 09:58:58 GMT last-modified Fri, 31 Dec 2021 07:45:10 GMT server Apache accept-ranges bytes etag "b5d-5d46c59b2cd80" content-length 2909 content-type image/png
GET H2	200	icon_input_ok.png esumbank.buzz/static/images/	3 KB 3 KB	149ms 149ms	Image image/png	45.152.84.215 AS56971 AS56971 C...
General Check archive.org Show headers Download Go to Show image Full URL https://esumbank.buzz/static/images/icon_input_ok.png Requested by Host: esumbank.buzz URL: https://esumbank.buzz/index/index/login.html Protocol H2 Security TLS 1.3, , AES_256_GCM Server 45.152.84.215 San Francisco, United States, ASN56971 (AS56971 AS56971 Cloud, HK), Reverse DNS Software Apache / Resource Hash `d4d96a513c50320d375f5cb8c1c4f52d6ba868b6ffafec5f451deb8dc9ef05f4` Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://esumbank.buzz/index/index/login.html Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 23 May 2024 09:58:58 GMT last-modified Fri, 31 Dec 2021 07:45:10 GMT server Apache accept-ranges bytes etag "c9d-5d46c59b2cd80" content-length 3229 content-type image/png
GET H2	200	icon_linkblank.png esumbank.buzz/static/images/	166 B 213 B	434ms 434ms	Image image/png	45.152.84.215 AS56971 AS56971 C...
General Check archive.org Show headers Download Go to Show image Full URL https://esumbank.buzz/static/images/icon_linkblank.png Requested by Host: esumbank.buzz URL: https://esumbank.buzz/index/index/login.html Protocol H2 Security TLS 1.3, , AES_256_GCM Server 45.152.84.215 San Francisco, United States, ASN56971 (AS56971 AS56971 Cloud, HK), Reverse DNS Software Apache / Resource Hash `e918e110b6e7e8c5ada678baab1d10bcf4f24d149943804b0b31363ccd976b7a` Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://esumbank.buzz/index/index/login.html Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 23 May 2024 09:58:58 GMT last-modified Fri, 31 Dec 2021 07:45:10 GMT server Apache accept-ranges bytes etag "a6-5d46c59b2cd80" content-length 166 content-type image/png
GET H2	200	icon_linkblank-1.png esumbank.buzz/static/images/	166 B 260 B	435ms 435ms	Image image/png	45.152.84.215 AS56971 AS56971 C...
General Check archive.org Show headers Download Go to Show image Full URL https://esumbank.buzz/static/images/icon_linkblank-1.png Requested by Host: esumbank.buzz URL: https://esumbank.buzz/index/index/login.html Protocol H2 Security TLS 1.3, , AES_256_GCM Server 45.152.84.215 San Francisco, United States, ASN56971 (AS56971 AS56971 Cloud, HK), Reverse DNS Software Apache / Resource Hash `e918e110b6e7e8c5ada678baab1d10bcf4f24d149943804b0b31363ccd976b7a` Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://esumbank.buzz/index/index/login.html Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 23 May 2024 09:58:59 GMT last-modified Fri, 31 Dec 2021 07:45:12 GMT server Apache accept-ranges bytes etag "a6-5d46c59d15200" content-length 166 content-type image/png
GET H2	404	index_1.html Show response esumbank.buzz/index/index/ Frame 6996	7 KB 2 KB	452ms 452ms	Document text/html	45.152.84.215 AS56971 AS56971 C...
General Check archive.org Show headers Download Go to Full URL https://esumbank.buzz/index/index/index_1.html Requested by Host: esumbank.buzz URL: https://esumbank.buzz/index/index/login.html Protocol H2 Security TLS 1.3, , AES_256_GCM Server 45.152.84.215 San Francisco, United States, ASN56971 (AS56971 AS56971 Cloud, HK), Reverse DNS Software Apache / Resource Hash `de592d21e988e1abca195e3ff99c8f401d96fbd399db8e885eb217283cb19821` Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://esumbank.buzz/index/index/login.html Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" sec-ch-ua-mobile ?0 sec-ch-ua-platform "Win32" Response headers content-encoding gzip content-length 1773 content-type text/html; charset=utf-8 date Thu, 23 May 2024 09:58:59 GMT server Apache vary Accept-Encoding
GET H2	200	notosanscjkjp-regular_subset.woff esumbank.buzz/static/fonts/	1 MB 1 MB	153ms 153ms	Font font/woff	45.152.84.215 AS56971 AS56971 C...
General Check archive.org Show headers Download Go to Full URL https://esumbank.buzz/static/fonts/notosanscjkjp-regular_subset.woff Requested by Host: esumbank.buzz URL: https://esumbank.buzz/static/css/load_font.css Protocol H2 Security TLS 1.3, , AES_256_GCM Server 45.152.84.215 San Francisco, United States, ASN56971 (AS56971 AS56971 Cloud, HK), Reverse DNS Software Apache / Resource Hash `434379a92cc3af5ca03ccb2bfaadc7f2b8224b1b49f310ec5f4d27ca36777520` Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://esumbank.buzz/static/css/load_font.css Origin https://esumbank.buzz Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 23 May 2024 09:58:59 GMT content-encoding gzip last-modified Fri, 31 Dec 2021 07:45:10 GMT server Apache etag "128eb4-5d46c59b2cd80-gzip" vary Accept-Encoding content-type font/woff accept-ranges bytes
GET H2	200	notosanscjkjp-bold_subset.woff esumbank.buzz/static/fonts/	548 B 229 B	149ms 148ms	Font font/woff	45.152.84.215 AS56971 AS56971 C...
General Check archive.org Show headers Download Go to Full URL https://esumbank.buzz/static/fonts/notosanscjkjp-bold_subset.woff Requested by Host: esumbank.buzz URL: https://esumbank.buzz/static/css/load_font.css Protocol H2 Security TLS 1.3, , AES_256_GCM Server 45.152.84.215 San Francisco, United States, ASN56971 (AS56971 AS56971 Cloud, HK), Reverse DNS Software Apache / Resource Hash `d465172175d35d493fb1633e237700022bd849fa123164790b168b8318acb090` Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://esumbank.buzz/static/css/load_font.css Origin https://esumbank.buzz Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 23 May 2024 09:58:59 GMT content-encoding gzip last-modified Fri, 31 Dec 2021 07:45:12 GMT server Apache etag "224-5d46c59d15200-gzip" vary Accept-Encoding content-type font/woff accept-ranges bytes content-length 167
GET H2	404	favicon.ico esumbank.buzz/	7 KB 2 KB	173ms 173ms	Other text/html	45.152.84.215 AS56971 AS56971 C...
General Check archive.org Show headers Download Go to Full URL https://esumbank.buzz/favicon.ico Protocol H2 Security TLS 1.3, , AES_256_GCM Server 45.152.84.215 San Francisco, United States, ASN56971 (AS56971 AS56971 Cloud, HK), Reverse DNS Software Apache / Resource Hash `de592d21e988e1abca195e3ff99c8f401d96fbd399db8e885eb217283cb19821` Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://esumbank.buzz/index/index/login.html Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 23 May 2024 09:59:00 GMT content-encoding gzip server Apache content-length 1773 vary Accept-Encoding content-type text/html; charset=utf-8

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: JR East (Transportation)

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

5 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
recommendation	verbose	URL: https://esumbank.buzz/index/index/login.html Message: [DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq) %o
network	error	URL: https://esumbank.buzz/index/index/index_1.html Message: Failed to load resource: the server responded with a status of 404 ()
other	warning	URL: https://esumbank.buzz/index/index/login.html Message: Failed to decode downloaded font: https://esumbank.buzz/static/fonts/notosanscjkjp-bold_subset.woff
other	warning	URL: https://esumbank.buzz/index/index/login.html Message: OTS parsing error: invalid sfntVersion: 1013478509
network	error	URL: https://esumbank.buzz/favicon.ico Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

esumbank.buzz
45.152.84.215
3f7c549cfacde11c4129c09b1908d106126d823682cc758f70fc046638d7746b
434379a92cc3af5ca03ccb2bfaadc7f2b8224b1b49f310ec5f4d27ca36777520
6b6805e990d1063ebbf30e49162bf04f8ec247ffa96e1872e4b0d8d3f7e3a02f
8e4d01ee0450f9f5e21ea7178dd0aad676fcebf6808a1a550fddc686fba02542
ba4924716ed0580ae30f974eebb97421a2c10c1e2cf61e8ad60fcd39d8fbca30
bdd84e5ef5aa059a934dc05de1d463e3d1d875727859f301a940426c16e805d8
c3c06cab11490cda8fa71c1fb7b633367a8065180a6fab532500f647bf248e29
c47a411aa3cd682df4e2b29d7e3d18900ca76f21f5251eb1933b21dac73594eb
c6c23411a9fa7eb2bc546e6269c8243b2efc179dbe9dcedafc141d03057375ec
d465172175d35d493fb1633e237700022bd849fa123164790b168b8318acb090
d4d96a513c50320d375f5cb8c1c4f52d6ba868b6ffafec5f451deb8dc9ef05f4
de592d21e988e1abca195e3ff99c8f401d96fbd399db8e885eb217283cb19821
e918e110b6e7e8c5ada678baab1d10bcf4f24d149943804b0b31363ccd976b7a
f32ac72b33743b0a8fcf63463ab1859bc72d25ebe3c02e8249c10420b8ed2a06

esumbank.buzz Open in urlscan Pro 45.152.84.215 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

16 Requests

0 %HTTPS

0 %IPv6

1 Domains

1 Subdomains

1 IPs

1 Countries

1257 kBTransfer

1611 kBSize

0 Cookies

25 Outgoing links

Page URL History

Redirected requests

16 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

1 JavaScript Global Variables

0 Cookies

5 Console Messages

Indicators

esumbank.buzz Open in urlscan Pro
45.152.84.215 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

16
Requests

0 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

1257 kB
Transfer

1611 kB
Size

0
Cookies

16 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!