uikui.com
43.163.199.37
Malicious Activity!
Public Scan
Effective URL: https://uikui.com/login.php
Submission Tags: phishing, kuroneko
Submission: On August 31 via api from JP — Scanned from JP
Summary
TLS certificate: Issued by R3 on August 30th 2023. Valid for: 3 months.
This is the only time uikui.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Yamato Transport (Transportation)
Domain & IP information

| Requests | IP Address | AS (Autonomous System) | PTR | Domain |
|---|---|---|---|---|
| 1 (1 redirect) | 43.163.208.170 | AS132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN) | | fujiangupiaopingtai.cn |
| 7 (1 redirect) | 43.163.199.37 | AS132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN) | | uikui.com |
| 8 | 23.195.88.235 | AS20940 (AKAMAI-ASN1, NL) | a23-195-88-235.deploy.static.akamaitechnologies.com | auth.kms.kuronekoyamato.co.jp |
| 1 | 172.217.161.67 | AS15169 (GOOGLE, US) | nrt20s09-in-f3.1e100.net | www.gstatic.com |

Total: 17 requests across 4 IP addresses.
| Requests | Apex Domain | Subdomains | Transfer |
|---|---|---|---|
| 8 | kuronekoyamato.co.jp | auth.kms.kuronekoyamato.co.jp | 35 KB |
| 7 | uikui.com (1 redirect) | uikui.com | 129 KB |
| 1 | gstatic.com | www.gstatic.com | 5 KB |
| 1 | fujiangupiaopingtai.cn (1 redirect) | fujiangupiaopingtai.cn | 86 B |
| 0 | bootcdn.net (Failed) | cdn.bootcdn.net (Failed) | |

Total: 17 requests across 5 apex domains.
| Requests | Domain | Requested by |
|---|---|---|
| 8 | auth.kms.kuronekoyamato.co.jp | uikui.com, auth.kms.kuronekoyamato.co.jp |
| 7 | uikui.com (1 redirect) | uikui.com |
| 1 | www.gstatic.com | uikui.com |
| 1 | fujiangupiaopingtai.cn | (1 redirect) |
| 0 | cdn.bootcdn.net (Failed) | uikui.com |

Total: 17 requests across 5 domains.
This site contains links to these domains. Also see Links.
| Subject | Issuer | Validity | Valid | Source |
|---|---|---|---|---|
| uikui.com | R3 | 2023-08-30 - 2023-11-28 | 3 months | crt.sh |
| *.kms.kuronekoyamato.co.jp | DigiCert TLS RSA SHA256 2020 CA1 | 2023-03-01 - 2024-03-03 | a year | crt.sh |
| *.gstatic.com | GTS CA 1C3 | 2023-08-07 - 2023-10-30 | 3 months | crt.sh |
This page contains 1 frame:
Primary Page:
https://uikui.com/login.php
Frame ID: D96B34DC7E1C20988D7C8501F534B7D0
Requests: 17 HTTP requests in this frame
Page Title
ログイン | クロネコメンバーズ (Login | Kuroneko Members)
Detected technologies
- PHP (Programming Languages). Detected pattern: `\.php(?:$|\?)`
- jQuery (JavaScript Libraries). Detected pattern: `jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?`
Page Statistics
23 Outgoing links
These are links going to different origins than the main page. Link titles (with English translations):
- 再配達依頼 (Redelivery request)
- Myカレンダーサービス (My Calendar service)
- お届け予定通知 (Delivery schedule notification)
- ご不在連絡通知 (Missed-delivery notice)
- 宅急便をスマホで送る (Send a parcel from your smartphone)
- 集荷申し込み (Pickup request)
- 宅配ロッカー発送サービス (Parcel locker shipping service)
- 自宅で送り状発行 (Print shipping labels at home)
- らくらく送り状発行サービス (Easy shipping label service)
- お届け完了通知 (Delivery completion notification)
- 梱包材の購入 (Purchase packaging materials)
- お届け先アドレス帳 (Recipient address book)
- ご依頼主アドレス帳 (Sender address book)
- 保険 (Insurance)
- 見守りサービス (Watch-over service)
- にゃんPay (Nyan Pay)
- 転居転送サービス (Change-of-address forwarding service)
- 料金・お届け予定日 (Rates and estimated delivery date)
- 営業所・取扱店の情報 (Branch and agent information)
- 担当店・担当ドライバー (Assigned branch and driver)
- プロフィール (Profile)
- 他社ID連携 (Third-party ID linking)
- ホーム (Home)
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
1. https://fujiangupiaopingtai.cn/ (HTTP 302)
2. https://uikui.com/ (HTTP 302)
3. https://uikui.com/login.php (Page URL)
Redirected requests
There were HTTP redirect chains for the following requests:
17 HTTP transactions

| # | Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type |
|---|---|---|---|---|---|---|---|---|
| 1 | GET | H2 | login.php (Primary Request, Redirect Chain) | uikui.com/ | 27 KB | 5 KB | Document | text/html |
| 2 | GET | H2 | index.d9ce12f3.chunk.css | auth.kms.kuronekoyamato.co.jp/auth/static/css/ | 227 KB | 28 KB | Stylesheet | text/css |
| 3 | GET | H2 | 13.02d0eae0.chunk.css | auth.kms.kuronekoyamato.co.jp/auth/static/css/ | 3 KB | 1 KB | Stylesheet | text/css |
| 4 | GET | H2 | 3.12cb700a.chunk.css | auth.kms.kuronekoyamato.co.jp/auth/static/css/ | 507 B | 654 B | Stylesheet | text/css |
| 5 | GET | H2 | 14.8e59e16a.chunk.css | auth.kms.kuronekoyamato.co.jp/auth/static/css/ | 0 | 0 | Stylesheet | text/html |
| 6 | GET | H2 | 22.92265196.chunk.css | auth.kms.kuronekoyamato.co.jp/auth/static/css/ | 58 B | 444 B | Stylesheet | text/css |
| 7 | GET | H2 | 12.95bfae83.chunk.css | auth.kms.kuronekoyamato.co.jp/auth/static/css/ | 2 KB | 1 KB | Stylesheet | text/css |
| 8 | GET | H2 | site-jquery.min.js | uikui.com/admin/im/ | 91 KB | 32 KB | Script | application/javascript |
| 9 | GET | H2 | layui.js | uikui.com/admin/im/ | 284 KB | 92 KB | Script | application/javascript |
| 10 | GET | | layer.min.css | cdn.bootcdn.net/ajax/libs/layer/3.5.1/theme/default/ | 0 | 0 | | |
| 11 | GET | H2 | m=el_main_css | www.gstatic.com/_/translate_http/_/ss/k=translate_http.tr.69JJaQ5G5xA.L.W.O/d=0/rs=AN8SPfpC36MIoWPngdVwZ4RUzeJYZaC7rg/ | 25 KB | 5 KB | Stylesheet | text/css |
| 12 | GET | H2 | logo-group.1072426d.svg | auth.kms.kuronekoyamato.co.jp/auth/static/media/ | 4 KB | 2 KB | Image | image/svg+xml |
| 13 | GET | H2 | laydate.css | uikui.com/admin/im/css/modules/laydate/default/ | 0 | 0 | Stylesheet | text/html |
| 14 | GET | H2 | layer.css | uikui.com/admin/im/css/modules/layer/default/ | 0 | 0 | Stylesheet | text/html |
| 15 | GET | H2 | code.css | uikui.com/admin/im/css/modules/ | 0 | 0 | Stylesheet | text/html |
| 16 | GET | H2 | icon-checkbox.10bb486a.svg | auth.kms.kuronekoyamato.co.jp/auth/static/media/ | 235 B | 574 B | Image | image/svg+xml |
| 17 | GET | | api.php | uikui.com/ | 0 | 0 | | |
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain: cdn.bootcdn.net
  URL: https://cdn.bootcdn.net/ajax/libs/layer/3.5.1/theme/default/layer.min.css
- Domain: uikui.com
  URL: https://uikui.com/api.php?act=ip_save&_r=0.8325556577317748
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan: Phishing against: Yamato Transport (Transportation)
8 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

| Type | Name |
|---|---|
| object | documentPictureInPicture |
| function | $ |
| function | jQuery |
| object | layui |
| function | lay |
| number | errors |
| object | layer |
| object | jQuery11010167860673432752131 |

Cookies
Cookies are small pieces of information stored in a user's browser. Whenever the user visits the site again, the browser sends the cookie values along, allowing the website to re-identify the user even from a different location. This is how persistent logins work.
| Domain/Path | Expires | Name / Value |
|---|---|---|
| uikui.com/ | | Name: PHPSESSID, Value: 171vnu3292gmr5fphi45mcd7cs |
5 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
| Source | Level | URL | Text |
|---|---|---|---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

Domains:
- auth.kms.kuronekoyamato.co.jp
- cdn.bootcdn.net
- fujiangupiaopingtai.cn
- uikui.com
- www.gstatic.com

IP addresses:
- 172.217.161.67
- 23.195.88.235
- 43.163.199.37
- 43.163.208.170

Hashes (SHA-256):
- 09c8ae6b88b285be2b79182868239ee5cbe2bcb81db04085980d0c93710f71bb
- 1ebd8c829000cedeb406fed7213e8891ca0358ef5258fb1c5d0475d4603a895e
- 26dde8e017d2839076f26e77aee53c91f526ea3ebe4f6b9daa17d8d7b1288351
- 5994332aadd364a7350ad226ef61c1c75dc97372f739e01682e190be3abaf672
- 7db470720bc87269e9bf81c2da2649d4f59d54eb54ca5ed4547855758d6688a0
- 8b63cf1fe86c4d0d0d76cc40f73ef441d331044cc8956a7428893710d381d4f4
- a531913b92863a94f364f68cc584f764038e85094b5ce67939eb1bdeed80bea0
- bb5ef8b752297cdfb9d693164697a0b40c001213f188512582a39e3f4183e30c
- bbfe1536a99000acceb61f549aa59354cc596efc9f10d3843aab6b273f5adb1e
- f552a445e6d3f9180c8f648e9287c74d2d24a9e865dd5e7385d5c1d5ae700814
- f62b06e7eb5a5bcf2b488e84ddbdf094463348f17d971f7606838864000eee5b