www-mufg-jp.handicraft.ltd
Open in
urlscan Pro
204.44.87.183
Malicious Activity!
Public Scan
Submission: On January 08 via manual from TW — Scanned from JP
Summary
TLS certificate: Issued by R3 on January 8th 2022. Valid for: 3 months.
This is the only time www-mufg-jp.handicraft.ltd was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: MUFG (Banking)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
23 | 204.44.87.183 204.44.87.183 | 8100 (ASN-QUADR...) (ASN-QUADRANET-GLOBAL) | |
23 | 1 |
ASN8100 (ASN-QUADRANET-GLOBAL, US)
PTR: 204.44.87.183.static.quadranet.com
www-mufg-jp.handicraft.ltd |
Apex Domain Subdomains |
Transfer | |
---|---|---|
23 |
handicraft.ltd
www-mufg-jp.handicraft.ltd |
157 KB |
23 | 1 |
Domain | Requested by | |
---|---|---|
23 | www-mufg-jp.handicraft.ltd |
www-mufg-jp.handicraft.ltd
|
23 | 1 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
www-mufg-jp.kaiqi.ink R3 |
2022-01-08 - 2022-04-08 |
3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://www-mufg-jp.handicraft.ltd/
Frame ID: 71D53069E0CE9DDDAB16A4EC6D76AA7E
Requests: 23 HTTP requests in this frame
Screenshot
Page Title
お持ちのカードブランドをご選択ください(ログイン)|クレジットカードなら三菱UFJニコスDetected technologies
Slick (JavaScript Libraries) ExpandDetected patterns
- (?:/([\d.]+))?/slick(?:\.min)?\.js
jQuery (JavaScript Libraries) Expand
Detected patterns
- jquery[.-]([\d.]*\d)[^/]*\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
23 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
/
www-mufg-jp.handicraft.ltd/ |
7 KB 2 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
reset.css
www-mufg-jp.handicraft.ltd/css/ |
2 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
parts_sp.css
www-mufg-jp.handicraft.ltd/css/ |
137 KB 23 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
parts_pc.css
www-mufg-jp.handicraft.ltd/css/ |
97 KB 17 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
adjust_sp.css
www-mufg-jp.handicraft.ltd/css/ |
5 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
adjust_pc.css
www-mufg-jp.handicraft.ltd/css/ |
4 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery-3.5.1.min.js
www-mufg-jp.handicraft.ltd/js/ |
87 KB 30 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
slick.min.js
www-mufg-jp.handicraft.ltd/js/ |
52 KB 11 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
common.js
www-mufg-jp.handicraft.ltd/js/ |
47 KB 9 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
appBnr3_other.js
www-mufg-jp.handicraft.ltd/js/ |
4 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
header_footer_sp.css
www-mufg-jp.handicraft.ltd/css/ |
29 KB 4 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
header_footer_pc.css
www-mufg-jp.handicraft.ltd/css/ |
30 KB 5 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
logoMUFG_ttl_0007.png
www-mufg-jp.handicraft.ltd/images/ |
8 KB 8 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
logoMUFG_ttl_0006.png
www-mufg-jp.handicraft.ltd/images/ |
5 KB 5 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
logo_corp_01.png
www-mufg-jp.handicraft.ltd/images/ |
1 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
select_logo_mufg.png
www-mufg-jp.handicraft.ltd/images/ |
3 KB 3 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
select_logo_dc.png
www-mufg-jp.handicraft.ltd/images/ |
4 KB 4 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
select_logo_nicos.png
www-mufg-jp.handicraft.ltd/images/ |
4 KB 4 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
select_logo_amex.png
www-mufg-jp.handicraft.ltd/images/ |
7 KB 7 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
select_logo_ja.png
www-mufg-jp.handicraft.ltd/images/ |
6 KB 6 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
select_card_001.png
www-mufg-jp.handicraft.ltd/images/ |
6 KB 6 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
select_card_002.png
www-mufg-jp.handicraft.ltd/images/ |
4 KB 4 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
s_code_do.js
www-mufg-jp.handicraft.ltd/js/ |
79 B 127 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: MUFG (Banking)8 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| onsecuritypolicyviolation object| onslotchange function| $ function| jQuery function| _autoHeight function| openScreen function| openSim object| _sc1 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
www-mufg-jp.handicraft.ltd/ | Name: PHPSESSID Value: j8javco8l0l9lepjjq245am5d2 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
www-mufg-jp.handicraft.ltd
204.44.87.183
06e02b3e0fef4bd1a4a711c0e763fef503e2b1449803e4ad18b8100180280254
159b4da7e1be69f72f4801a1287af455735447c28810185429bc0c76aba5d315
2cabbccc3abc56ba8fcea48e3cf4b167617de9647cb4d28ace844fc4ebfebbff
312b9fa9a58397fe88dd293b3287c3ef83b91c3233ca941aa9d0e2d600fb6a33
32f130f5fa6c1621ff325fbddb92709681cb0f96237cf078360c8d2a906e092a
339f840b1f051d091fe70d754877985fec24266c4bce3a802ddb3021b0e8f1c7
3ad980455c28e8579e19ed39493fddc9c464998500f95d06f8b01a311f11e575
4ba5c0cd6a79223cd567da082eeb202f02f71caa47d522b0cbcc25b19b8ceebd
7cdfb3c9638d76088f839359838c8e866fd157949b39966fa8843c8fe0b09a9d
7e63762fbab14eac8384547a3338fca31c947bdbe802a0944d23a777bd0da5ad
87be25fa203159ba017f3b3a4d79abc0898a199f8b8b780385e1e783dbc44c68
8fbe7f781ca130b05f7b27bd0c4563c9976739a1541aa0e453207e8ec764afec
92150a96d7efb35880a4e1503b678c76d5e35858f8eb360cadf388954767caec
9a577180d63af91b2384c9209e114325399e7877159eb06cfaeb8e3ac16d87f9
b768935f52cf68fde3ed1e5c9d497c747e6425deb4035a697f8ce276753b3962
b9b8771889fac9b7f0d14611d7b5a257364719a952569670652f866a0d92cd82
c5b6e712910f35c5e850aa95adcda17d057f5d5f625506f309fc27149ed7991c
e35a2ef4a53b81daf35cd980bd377ca19ce87b2afe14870c3ce9ff6e0d6c0ea0
e49fa26ee4876e79e8c467cd465ea52c16976a5b5d48eb0debd21f9ca0e20f4f
e8fd3721a2dfeb01dd220ac76edabb0216889247bafc76068dd5f39cf1cf87f2
ed33d7f4f22faa3594f25315e00524e843a63c4f6133db6cd3aec78c4249d65c
f36844906ad2309877aae3121b87fb15b9e09803cb4c333adc7e1e35ac92e14b
fcbd46dee459d1e1f7679173da6c79e700489adaacbe6e2d1c51438c2aaf7c0a