aozorabank-yegwg.com
92.38.189.69
Malicious Activity!
Public Scan
Effective URL: https://aozorabank-yegwg.com/b2c/login
Submission: On September 27 via automatic, source phishtank — Scanned from DE
Summary
TLS certificate: Issued by R3 on September 27th 2022. Valid for: 3 months.
This is the only time aozorabank-yegwg.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: GMO Aozora Net Bank (Banking)

Domain & IP information

| Requests | IP Address | AS Autonomous System |
|---|---|---|
| 11 (5 redirects) | 92.38.189.69 | 202422 (GHOST) |
| 4 (4 redirects) | 65.9.66.9 | 16509 (AMAZON-02) |
| 8 (4 redirects) | 199.232.214.128 | 54113 (FASTLY) |
| 12 | 96.16.153.24 | 16625 (AKAMAI-AS) |
| 22 total | 3 | |
ASN202422 (GHOST, LU)
PTR: vernitamelman77.example.com
Domain: aozorabank-yegwg.com

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-9.fra56.r.cloudfront.net
Domain: mercari.com

ASN16625 (AKAMAI-AS, US)
PTR: a96-16-153-24.deploy.static.akamaitechnologies.com
Domain: gmo-aozora.com
| Requests | Apex Domain | Subdomains | Transfer |
|---|---|---|---|
| 12 | gmo-aozora.com | gmo-aozora.com | 428 KB |
| 12 (8 redirects) | mercari.com | mercari.com (Cisco Umbrella Rank: 55570), www.mercari.com (Cisco Umbrella Rank: 61357), jp.mercari.com (Cisco Umbrella Rank: 241056) | 2 KB |
| 11 (5 redirects) | aozorabank-yegwg.com | aozorabank-yegwg.com | 34 KB |
| 22 total | 3 apex domains | | |
| Requests | Domain | Requested by |
|---|---|---|
| 12 | gmo-aozora.com | aozorabank-yegwg.com |
| 11 (5 redirects) | aozorabank-yegwg.com | aozorabank-yegwg.com |
| 4 | jp.mercari.com | aozorabank-yegwg.com |
| 4 | www.mercari.com | 4 redirects |
| 4 | mercari.com | 4 redirects |
| 22 total | 5 domains | |
This site contains links to these domains. Also see Links.

| Domain |
|---|
| gmo-aozora.com |
| bank.gmo-aozora.com |
| faq.gmo-aozora.com |
| Subject | Issuer | Validity | Valid | Source |
|---|---|---|---|---|
| aozorabank-yegwg.com | R3 | 2022-09-27 - 2022-12-26 | 3 months | crt.sh |
| gmo-aozora.com | GlobalSign Extended Validation CA - SHA256 - G3 | 2021-11-22 - 2022-12-24 | a year | crt.sh |
This page contains 1 frame:

Primary Page: https://aozorabank-yegwg.com/b2c/login
Frame ID: B5330E770F958BC208C390DE1F7F8619
Requests: 22 HTTP requests in this frame

Page Title: GMOあおぞらネット銀行 ログイン (GMO Aozora Net Bank Login)
Page Statistics

18 Outgoing links
These are links going to different origins than the main page. Link titles as captured:

- 初期設定ガイド(はじめてログインするお客さま) (Initial setup guide for customers logging in for the first time)
- ログインID、ログインパスワードが分からない方 (For customers who do not know their login ID or login password)
- ご利用環境について (About the supported environment)
- システムメンテナンス情報 (System maintenance information)
- フィッシングサイトにご注意ください (Beware of phishing sites)
- 4 links without a title
- 金利 (Interest rates)
- 手数料 (Fees)
- よくあるご質問 (Frequently asked questions)
- 会社情報 (Company information)
- 各種方針 (Policies)
- 苦情・紛争解決機関 (Complaint and dispute resolution bodies)
- 規定・約款一覧 (List of rules and terms)
- 金融犯罪の注意喚起 (Financial crime warnings)
- 1 link without a title
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

1. https://aozorabank-yegwg.com/ (HTTP 302)
2. https://aozorabank-yegwg.com/b2c/login (Page URL)
Redirected requests
There were HTTP redirect chains for the following requests:

Request Chain 3
- https://aozorabank-yegwg.com/b2c/js/jquery-3.2.1.min.js HTTP 302
- https://mercari.com/jp/ HTTP 301
- https://www.mercari.com/jp/ HTTP 301
- https://jp.mercari.com/

Request Chain (henkan.js)
- https://aozorabank-yegwg.com/b2c/js/henkan.js HTTP 302
- https://mercari.com/jp/ HTTP 301
- https://www.mercari.com/jp/ HTTP 301
- https://jp.mercari.com/

Request Chain (sso.js)
- https://aozorabank-yegwg.com/b2c/js/sso.js HTTP 302
- https://mercari.com/jp/ HTTP 301
- https://www.mercari.com/jp/ HTTP 301
- https://jp.mercari.com/

Request Chain (generateTransactionId.js)
- https://aozorabank-yegwg.com/b2c/js/generateTransactionId.js HTTP 302
- https://mercari.com/jp/ HTTP 301
- https://www.mercari.com/jp/ HTTP 301
- https://jp.mercari.com/
22 HTTP transactions

| Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type | Notes |
|---|---|---|---|---|---|---|---|---|
| GET | H/1.1 | login | aozorabank-yegwg.com/b2c/ | 6 KB | 6 KB | Document | text/html | Primary Request, Redirect Chain |
| GET | H/1.1 | reset.css | aozorabank-yegwg.com/b2c/css/ | 2 KB | 2 KB | Stylesheet | text/css | |
| GET | H/1.1 | login.css | aozorabank-yegwg.com/b2c/css/ | 10 KB | 10 KB | Stylesheet | text/css | |
| GET | H/1.1 | banner.css | aozorabank-yegwg.com/b2c/css/ | 2 KB | 3 KB | Stylesheet | text/css | |
| GET | H2 | / | jp.mercari.com/ | 0 | 0 | Script | text/html | Redirect Chain |
| GET | H2 | / | jp.mercari.com/ | 0 | 0 | Script | text/html | Redirect Chain |
| GET | H2 | / | jp.mercari.com/ | 0 | 0 | Script | text/html | Redirect Chain |
| GET | H/1.1 | logo.png | aozorabank-yegwg.com/b2c/images/ | 11 KB | 11 KB | Image | image/png | |
| GET | H/1.1 | banner-title.png | gmo-aozora.com/service/priv-ib/img/ | 5 KB | 5 KB | Image | image/png | |
| GET | H/1.1 | sp-banner-title.png | gmo-aozora.com/service/priv-ib/img/ | 5 KB | 5 KB | Image | image/png | |
| GET | H/1.1 | in-banner-01.png | gmo-aozora.com/service/smb-priv-ib/img/ | 91 KB | 91 KB | Image | image/png | |
| GET | H/1.1 | in-sp-banner-01.png | gmo-aozora.com/service/smb-priv-ib/img/ | 88 KB | 89 KB | Image | image/png | |
| GET | H/1.1 | in-banner-02.png | gmo-aozora.com/service/smb-priv-ib/img/ | 56 KB | 57 KB | Image | image/png | |
| GET | H/1.1 | in-sp-banner-02.png | gmo-aozora.com/service/smb-priv-ib/img/ | 64 KB | 65 KB | Image | image/png | |
| GET | H/1.1 | in-banner-03.png | gmo-aozora.com/service/smb-priv-ib/img/ | 29 KB | 29 KB | Image | image/png | |
| GET | H/1.1 | in-sp-banner-03.png | gmo-aozora.com/service/smb-priv-ib/img/ | 33 KB | 33 KB | Image | image/png | |
| GET | H/1.1 | banner-pickup.png | gmo-aozora.com/service/priv-ib/img/ | 1 KB | 1 KB | Image | image/png | |
| GET | H/1.1 | sp-banner-pickup.png | gmo-aozora.com/service/priv-ib/img/ | 1 KB | 1 KB | Image | image/png | |
| GET | H/1.1 | in-banner-04.png | gmo-aozora.com/service/smb-priv-ib/img/ | 33 KB | 33 KB | Image | image/png | |
| GET | H/1.1 | in-sp-banner-04.png | gmo-aozora.com/service/smb-priv-ib/img/ | 17 KB | 18 KB | Image | image/png | |
| GET | H2 | / | jp.mercari.com/ | 0 | 0 | Script | text/html | Redirect Chain |
| GET | H/1.1 | input_arrow.png | aozorabank-yegwg.com/b2c/images/ | 1 KB | 1 KB | Image | image/png | |
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan: Phishing against: GMO Aozora Net Bank (Banking)

9 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

| Type | Name |
|---|---|
| object | onbeforeinput |
| object | oncontextlost |
| object | oncontextrestored |
| function | structuredClone |
| object | launchQueue |
| object | onbeforematch |
| function | getScreenDetails |
| function | queryLocalFonts |
| object | navigation |

1 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

| Domain/Path | Expires | Name | Value |
|---|---|---|---|
| aozorabank-yegwg.com/ | | mercar:sid | s%3A1457b0be-0c7b-461f-babc-0f9de68c94fc.9p8yXwvZ%2FEjBma9IuQVRWD%2FYKcC9Z9xLoQ%2Fa%2BuZxqNE |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.