www2.mufgcard.com
202.232.169.84
Malicious Activity!
Public Scan
Submission Tags: falconsandbox
Submission: On December 12 via api from US
Summary
TLS certificate: Issued by DigiCert SHA2 Extended Validation Ser... on October 1st 2020. Valid for: a year.
This is the only time www2.mufgcard.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: MUFG (Banking)
Domain & IP information

| Requests | IP Address | AS (Autonomous System) |
|---|---|---|
| 12 | 202.232.169.84 | 2497 (IIJ Internet Initiative Japan Inc.) |
| 2 (1 redirect) | 15.237.76.117 | 16509 (AMAZON-02) |
| 13 | 2 IPs | |

Detail for 15.237.76.117:
ASN16509 (AMAZON-02, US)
PTR: ec2-15-237-76-117.eu-west-3.compute.amazonaws.com
mun.122.2o7.net

| Requests | Apex Domain | Subdomains | Transfer |
|---|---|---|---|
| 12 | mufgcard.com | www2.mufgcard.com | 187 KB |
| 2 (1 redirect) | 2o7.net | mun.122.2o7.net | 2 KB |
| 13 | 2 apex domains | | |

| Requests | Domain | Requested by |
|---|---|---|
| 12 | www2.mufgcard.com | www2.mufgcard.com |
| 2 (1 redirect) | mun.122.2o7.net | www2.mufgcard.com |
| 13 | 2 domains | |
This site contains links to these domains. Also see Links.
| Domain |
|---|
| www.cr.mufg.jp |
| Subject | Issuer | Validity | Valid | Source |
|---|---|---|---|---|
| www2.mufgcard.com | DigiCert SHA2 Extended Validation Server CA | 2020-10-01 - 2021-10-06 | a year | crt.sh |
| *.122.2o7.net | DigiCert SHA2 High Assurance Server CA | 2019-04-23 - 2021-04-27 | 2 years | crt.sh |
This page contains 1 frames:
Primary Page:
https://www2.mufgcard.com/inet/life/ninsyou/entry/kitei2.html?pacd=1&lid=register_mufg
Frame ID: 543DA74FDA4A3AE9BB4A87519AB69C32
Requests: 13 HTTP requests in this frame
Detected technologies: SiteCatalyst (Analytics)
Detected patterns:
- script /\/s[_-]code.*\.js/i
Page Statistics
3 Outgoing links
These are links going to different origins than the main page.
- Title: MUFGカードWEBサービス利用者規定 (MUFG Card Web Service User Terms)
- Title: プライバシーポリシー (Privacy Policy)
- Title: 個人情報保護法にもとづく公表事項 (Disclosures under the Act on the Protection of Personal Information)
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 11
- https://mun.122.2o7.net/b/ss/munwwwcrmufgjp/1/H.27.5/s15358705292233?AQB=1&ndh=1&t=12%2F11%2F2020%2023%3A25%3A22%206%20-60&ce=UTF-8&ns=mun&cdp=2&pageName=Web%E4%BC%9A%E5%93%A1%E7%99%BB%E9%8C%B2%3AMUFG%3A%E5%88%A9%E7%94%A8%E8%80%85%E8%A6%8F%E5%AE%9A&g=https%3A%2F%2Fwww2.mufgcard.com%2Finet%2Flife%2Fninsyou%2Fentry%2Fkitei2.html%3Fpacd%3D1%26lid%3Dregister_mufg&cc=JPY&ch=Web%E4%BC%9A%E5%93%A1%E7%99%BB%E9%8C%B2%3AMUFG&server=www2.mufgcard.com&events=event43&c1=D%3Dg&v1=D%3DpageName&c2=D%3Dr&v2=D%3Dr&c4=2020%2F12%2F12&v4=D%3Dc4&c5=7%3A00AM&v5=D%3Dc5&c6=D%3DpageName&v6=First_or_Over60days&c7=D%3DpageName&c11=Web%E4%BC%9A%E5%93%A1%E7%99%BB%E9%8C%B2%3AMUFG&c12=D%3Dc11&c13=D%3Dc11&c14=D%3Dc11&v21=D%3D%22%28E%29%22%2BpageName&v29=D%3DUser-Agent&c37=D%3Dv37&v37=DIR&c38=D%3Dv38&v38=DIR&c39=D%3Dv39&v39=new&v47=D%3Dv0&c50=D%3Dv50&v50=register_mufg&c65=D%3D%22%28E%29%22%2BpageName&c66=www2.mufgcard.com%2F&v66=www2.mufgcard.com%2F&c67=D%3Dc66%2B%22inet%2F%22&v67=D%3Dc66%2B%22inet%2F%22&c68=D%3Dc66%2B%22inet%2Flife%2F%22&v68=D%3Dc66%2B%22inet%2Flife%2F%22&c69=D%3Dc66%2B%22inet%2Flife%2Fninsyou%2F%22&v69=D%3Dc66%2B%22inet%2Flife%2Fninsyou%2F%22&c70=D%3Dc66%2B%22inet%2Flife%2Fninsyou%2Fentry%2F%22&v70=D%3Dc66%2B%22inet%2Flife%2Fninsyou%2Fentry%2F%22&c71=no%20ref&v71=D%3Dc71&v72=D%3Dg&c73=D%3Ds_vi&v73=D%3Ds_vi&c74=https%3A%2F%2Fwww2.mufgcard.com%2Finet%2Fcommon_c%2Fscript%2Fmufg%2Fs_code.js&v74=D%3Dc74&c75=mun_20151104_H.27.5&v75=D%3Dc75&h1=www2.mufgcard.com%2CWeb%E4%BC%9A%E5%93%A1%E7%99%BB%E9%8C%B2&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&p=track_off&AQE=1 HTTP 302
- https://mun.122.2o7.net/b/ss/munwwwcrmufgjp/1/H.27.5/s15358705292233?AQB=1&pccr=true&vidn=2FEAA1A905158FF4-40000B195F696AC2&ndh=1&t=12%2F11%2F2020%2023%3A25%3A22%206%20-60&ce=UTF-8&ns=mun&cdp=2&pageName=Web%E4%BC%9A%E5%93%A1%E7%99%BB%E9%8C%B2%3AMUFG%3A%E5%88%A9%E7%94%A8%E8%80%85%E8%A6%8F%E5%AE%9A&g=https%3A%2F%2Fwww2.mufgcard.com%2Finet%2Flife%2Fninsyou%2Fentry%2Fkitei2.html%3Fpacd%3D1%26lid%3Dregister_mufg&cc=JPY&ch=Web%E4%BC%9A%E5%93%A1%E7%99%BB%E9%8C%B2%3AMUFG&server=www2.mufgcard.com&events=event43&c1=D%3Dg&v1=D%3DpageName&c2=D%3Dr&v2=D%3Dr&c4=2020%2F12%2F12&v4=D%3Dc4&c5=7%3A00AM&v5=D%3Dc5&c6=D%3DpageName&v6=First_or_Over60days&c7=D%3DpageName&c11=Web%E4%BC%9A%E5%93%A1%E7%99%BB%E9%8C%B2%3AMUFG&c12=D%3Dc11&c13=D%3Dc11&c14=D%3Dc11&v21=D%3D%22%28E%29%22%2BpageName&v29=D%3DUser-Agent&c37=D%3Dv37&v37=DIR&c38=D%3Dv38&v38=DIR&c39=D%3Dv39&v39=new&v47=D%3Dv0&c50=D%3Dv50&v50=register_mufg&c65=D%3D%22%28E%29%22%2BpageName&c66=www2.mufgcard.com%2F&v66=www2.mufgcard.com%2F&c67=D%3Dc66%2B%22inet%2F%22&v67=D%3Dc66%2B%22inet%2F%22&c68=D%3Dc66%2B%22inet%2Flife%2F%22&v68=D%3Dc66%2B%22inet%2Flife%2F%22&c69=D%3Dc66%2B%22inet%2Flife%2Fninsyou%2F%22&v69=D%3Dc66%2B%22inet%2Flife%2Fninsyou%2F%22&c70=D%3Dc66%2B%22inet%2Flife%2Fninsyou%2Fentry%2F%22&v70=D%3Dc66%2B%22inet%2Flife%2Fninsyou%2Fentry%2F%22&c71=no%20ref&v71=D%3Dc71&v72=D%3Dg&c73=D%3Ds_vi&v73=D%3Ds_vi&c74=https%3A%2F%2Fwww2.mufgcard.com%2Finet%2Fcommon_c%2Fscript%2Fmufg%2Fs_code.js&v74=D%3Dc74&c75=mun_20151104_H.27.5&v75=D%3Dc75&h1=www2.mufgcard.com%2CWeb%E4%BC%9A%E5%93%A1%E7%99%BB%E9%8C%B2&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&p=track_off&AQE=1
13 HTTP transactions

| Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type | Notes |
|---|---|---|---|---|---|---|---|---|
| GET | H/1.1 | kitei2.html | www2.mufgcard.com/inet/life/ninsyou/entry/ | 5 KB | 5 KB | Document | text/html | Primary Request, Cookie set |
| GET | H/1.1 | ninsyouSP.css | www2.mufgcard.com/inet/dy/rwd/shared/style/ | 22 KB | 22 KB | Stylesheet | text/css | |
| GET | H/1.1 | ninsyouPC.css | www2.mufgcard.com/inet/dy/rwd/shared/style/ | 6 KB | 6 KB | Stylesheet | text/css | |
| GET | H/1.1 | mbox.js | www2.mufgcard.com/inet/common_c/script/mufg/ | 25 KB | 25 KB | Script | application/javascript | |
| GET | H/1.1 | s_code.js | www2.mufgcard.com/inet/common_c/script/mufg/ | 90 KB | 90 KB | Script | application/javascript | |
| GET | H/1.1 | common.js | www2.mufgcard.com/inet/dy/rwd/shared/script/ | 2 KB | 2 KB | Script | application/javascript | |
| GET | H/1.1 | logo_pc.png | www2.mufgcard.com/inet/dy/rwd/shared/images/header2/ | 6 KB | 6 KB | Image | image/png | |
| GET | H/1.1 | logo_sp.png | www2.mufgcard.com/inet/dy/rwd/shared/images/header2/ | 14 KB | 14 KB | Image | image/png | |
| GET | H/1.1 | footer_btn_001.png | www2.mufgcard.com/inet/dy/rwd/shared/images/footer2/ | 1 KB | 1 KB | Image | image/png | |
| GET | H/1.1 | logo_320x65_01_2.png | www2.mufgcard.com/inet/dy/rwd/shared/images/footer2/ | 4 KB | 5 KB | Image | image/png | |
| GET | H/1.1 | bg_01.png | www2.mufgcard.com/inet/dy/rwd/shared/images/header2/ | 9 KB | 9 KB | Image | image/png | |
| GET | H/1.1 | icon_linkBlank_001.png | www2.mufgcard.com/inet/dy/rwd/shared/images/ | 1 KB | 2 KB | Image | image/png | |
| GET | H2 | s15358705292233 | mun.122.2o7.net/b/ss/munwwwcrmufgjp/1/H.27.5/ | 43 B | 287 B | Image | image/gif | Redirect Chain |
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: MUFG (Banking)
92 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
Cookies
Cookies are small pieces of information stored in a user's browser. Whenever the user visits the site again, the browser sends the cookie values back, which lets the website re-identify the user even from a different location. This is how persistent logins work.
| Domain/Path | Expires | Name | Value |
|---|---|---|---|
| .mufgcard.com/ | | s_sq | %5B%5BB%5D%5D |
| .mufgcard.com/ | | sc_segmhis | 1607811922673 |
| .mufgcard.com/ | | sc_segmsest | 1607811922673 |
| .mufgcard.com/ | | sc_fspage | https%3A%2F%2Fwww2.mufgcard.com%2Finet%2Flife%2Fninsyou%2Fentry%2Fkitei2.html%3Fpacd%3D1%26lid%3Dregister_mufg |
| .mufgcard.com/ | | s_nr | 1607811922671 |
| .mufgcard.com/ | | sc_fs | ld |
| .mufgcard.com/ | | s_visitstart | 1 |
| .mufgcard.com/ | | cf | 1 |
| .mufgcard.com/ | | s_fid | 67E3F8116E82A133-3A17072D4BA55EED |
| .mufgcard.com/ | | sc_visit | 1 |
| .mufgcard.com/ | | s_cc | true |
| .mufgcard.com/ | | mbox | check#true#1607811983\|session#1607811922037-363310#1607813783 |
| .mufgcard.com/ | | sc_segm | 1 |
| www2.mufgcard.com/inet | | AS01 | fVDQ33jG9G0fs4gl1FP42jn4JThL12rhjnJp8npSl5QMhmgKpnyl!-586251139 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.