cr-mufg.7566963.com
Open in
urlscan Pro
2606:4700:3035::6815:2cc7
Malicious Activity!
Public Scan
Effective URL: https://cr-mufg.7566963.com/
Submission: On March 26 via manual from JP
Summary
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on March 26th 2021. Valid for: a year.
This is the only time cr-mufg.7566963.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: MUFG (Banking)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
2 | 2606:4700:303... 2606:4700:3035::ac43:bb70 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
26 | 2606:4700:303... 2606:4700:3035::6815:2cc7 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
28 | 2 |
Apex Domain Subdomains |
Transfer | |
---|---|---|
26 |
7566963.com
cr-mufg.7566963.com |
141 KB |
2 |
7566258.com
cr-mufg.7566258.com |
1 KB |
28 | 2 |
Domain | Requested by | |
---|---|---|
26 | cr-mufg.7566963.com |
cr-mufg.7566258.com
cr-mufg.7566963.com |
2 | cr-mufg.7566258.com |
cr-mufg.7566258.com
|
28 | 2 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
sni.cloudflaressl.com Cloudflare Inc ECC CA-3 |
2021-03-26 - 2022-03-25 |
a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://cr-mufg.7566963.com/
Frame ID: C3AA030248DDE03AEB176E43EC18FD6F
Requests: 28 HTTP requests in this frame
Screenshot
Page URL History Show full URLs
- https://cr-mufg.7566258.com/?Login Page URL
- https://cr-mufg.7566963.com/ Page URL
Detected technologies
CloudFlare (CDN) ExpandDetected patterns
- headers server /^cloudflare$/i
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- https://cr-mufg.7566258.com/?Login Page URL
- https://cr-mufg.7566963.com/ Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
28 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
/
cr-mufg.7566258.com/ |
224 B 775 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
1.js
cr-mufg.7566258.com/ |
216 B 546 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Primary Request
/
cr-mufg.7566963.com/ |
9 KB 3 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
reset.css
cr-mufg.7566963.com/css/ |
3 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
cmpSPLayout.css
cr-mufg.7566963.com/css/ |
187 KB 25 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery.smartbanner.css
cr-mufg.7566963.com/css/ |
1 KB 771 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
cmpPCLayout.css
cr-mufg.7566963.com/css/ |
232 KB 29 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
mptSPLayout.css
cr-mufg.7566963.com/css/ |
8 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
mptPCLayout.css
cr-mufg.7566963.com/css/ |
7 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery.mCustomScrollbar.css
cr-mufg.7566963.com/css/ |
54 KB 6 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
logoMUFG_ttl_006.png
cr-mufg.7566963.com/images/ |
2 KB 3 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
logoMUFG_ttl_007.png
cr-mufg.7566963.com/images/ |
3 KB 3 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
logo_corp_03.gif
cr-mufg.7566963.com/images/ |
2 KB 2 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
select_logo_001.gif
cr-mufg.7566963.com/images/ |
5 KB 5 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
sp_select_logo_001.gif
cr-mufg.7566963.com/images/ |
5 KB 6 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
select_logo_002.gif
cr-mufg.7566963.com/images/ |
3 KB 3 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
sp_select_logo_002.gif
cr-mufg.7566963.com/images/ |
4 KB 4 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
select_logo_003.gif
cr-mufg.7566963.com/images/ |
3 KB 4 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
sp_select_logo_003.gif
cr-mufg.7566963.com/images/ |
5 KB 5 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
select_logo_004.gif
cr-mufg.7566963.com/images/ |
6 KB 6 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
sp_select_logo_004.gif
cr-mufg.7566963.com/images/ |
7 KB 7 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
select_logo_005.gif
cr-mufg.7566963.com/images/ |
4 KB 4 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
sp_select_logo_005.gif
cr-mufg.7566963.com/images/ |
6 KB 6 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
cmn_ico_003.png
cr-mufg.7566963.com/images/ |
1 KB 1 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
select_card_001.gif
cr-mufg.7566963.com/images/ |
7 KB 7 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
footer_btn_001.png
cr-mufg.7566963.com/images/btn/ |
548 B 548 B |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
print.css
cr-mufg.7566963.com/css/ |
9 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
cmn_ico_002.png
cr-mufg.7566963.com/images/ |
1 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: MUFG (Banking)16 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated string| ua string| pf boolean| isAndroid boolean| isIOS boolean| isWinPhone object| mobileType boolean| isPc2 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
cr-mufg.7566963.com/ | Name: PHPSESSID Value: 7ks4mts8h5fblloi5mp6k45t35 |
|
.7566963.com/ | Name: __cfduid Value: d15be6452e629bfd7970706d13c852a0d1616785423 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
cr-mufg.7566258.com
cr-mufg.7566963.com
2606:4700:3035::6815:2cc7
2606:4700:3035::ac43:bb70
233abd7dc2dc6c4406681e11447a1bc36e3e22245aaf62e0ef83b32c5c6f04e9
236dd7a2231099424f1e3dbd2e976155733f3b442468228078f153f56c4a32e0
2c4417958d8802c22cd4d7796c9c1b43d5949ea4f7cbd1c6b82d9292a485433e
33a739ca4593cbfd4c984babdb8c06fe3c5ecf127389acf66d6398316cc520ef
3721bcc21d56ed26c7029c396c7174bfc3a13b681809d59239eb2b5d89ce9410
3cfcd56a52f5cd7817c942e8671f4b72a98db4dc4ffc23d50de8657d8af5f2a4
478fba523b3bcf84295732e0b5d44a61db4c8a7fdd563163a532ba07073a7c48
51d68d2342fc8874c46fd5fe9afbdf375a21a97e946c6465b5255d147bf2c856
55fe96763181883a7b8998cafc1a1af18d1e5c27898b25be5904c44eb2aa4391
6346fba6edb44e68f469c88755aa971891c9ee1ea0f28277ecb404d8663b5c24
7a6324497a179a818660f2b019c0d00793702418c4a58eca9ed9e6bf81acfbd3
81e06083bf135990015fb1d1ed3cf12eb12863f77c81b6af85ec62a8b4439799
83e145086398860544904fa3fae3e0a5e2793e2621a6fc96f811365185ba80a0
8524ea830a0cf1162b3166b3e005b086b40af2075c779cc37f0d62b07c06a2de
8959bdfbe6773939616d81266b792fc7768670e029dbd6308ff677d54d1e6f45
8a3e1ca84b2f9d66a9730ce101d5bcfe0b759b25bef225c446da91dd784b6f1e
9207caaf79f20da386783d5ba03e0e308f8eec0d31ebf6e81b6c26cf662c0c8e
998e04887efa08d9f4966b4bc94df26642c9a59ada81b365f27411b15721a2cf
a0fbed548458ec9c58d5ae2bbf1ba6f3cff5633479eceb3191b63beb4d5e4d22
b0897161ba0a121ec590ee6674cbfdb361798cb452e711c648eb07871138fe18
b70beab4fae4ebc983aeaec70ffefdfa1fc31e408899ce246e71315ea60eb5c9
c258fdccef10d390000f820c2d39ee1e45f523201516383369196988e092dcdd
c64587b9a2c48e94836ea80b70348650669c2e0e4e09e174d2ed4b5d23638a56
c75335989432575389682942052bb55d324f8d3575ea3773f47468259b887396
cb058141d9f2e930583e1f91425e451c9776d839c3db99d14b763852480e3d9e
d465172175d35d493fb1633e237700022bd849fa123164790b168b8318acb090
e92d52f8548bbf291e3b08c3b5a2e83045d5327ebddebe069e095b9fc1abd0f9
f4fb37332fc3385f168f321e75cfc4ca2aafbed50af6e36f07c35ab62b15b503