rakutenn.wbg-uuk1.shop
Open in
urlscan Pro
134.122.188.174
Malicious Activity!
Public Scan
Submission Tags: gc
Submission: On August 15 via api from JP — Scanned from JP
Summary
TLS certificate: Issued by R3 on August 13th 2023. Valid for: 3 months.
This is the only time rakutenn.wbg-uuk1.shop was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Rakuten (E-commerce)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
3 16 | 134.122.188.174 134.122.188.174 | 64050 (BCPL-SG B...) (BCPL-SG BGPNET Global ASN) | |
13 | 1 |
Apex Domain Subdomains |
Transfer | |
---|---|---|
16 |
wbg-uuk1.shop
3 redirects
rakutenn.wbg-uuk1.shop |
196 KB |
13 | 1 |
Domain | Requested by | |
---|---|---|
16 | rakutenn.wbg-uuk1.shop |
3 redirects
rakutenn.wbg-uuk1.shop
|
13 | 1 |
This site contains links to these domains. Also see Links.
Domain |
---|
my.rakuten.co.jp |
www.rakuten.co.jp |
ichiba.faq.rakuten.co.jp |
static.id.rakuten.co.jp |
www.jpcert.or.jp |
member.id.rakuten.co.jp |
ichiba.faq.rakuten.net |
privacy.rakuten.co.jp |
rnknteo-jp.khqvf.xyz |
Subject Issuer | Validity | Valid | |
---|---|---|---|
rakutenn.wbg-uuk1.shop R3 |
2023-08-13 - 2023-11-11 |
3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://rakutenn.wbg-uuk1.shop/all/login.php
Frame ID: 7A6A3DF55CA94C11BE2B802451510332
Requests: 13 HTTP requests in this frame
Screenshot
Page Title
ログイン|ラクマ 人気ブランドが通販できるフリマアプリPage URL History Show full URLs
-
https://rakutenn.wbg-uuk1.shop/all/login.php
HTTP 302
https://rakutenn.wbg-uuk1.shop/ Page URL
-
https://rakutenn.wbg-uuk1.shop/index.php?t=44ffe4f0af281a064a4f12ed571bc2c0a148789f1d11317eea52c3c00f2090d1
HTTP 302
https://rakutenn.wbg-uuk1.shop/tiaozhuan.php HTTP 302
https://rakutenn.wbg-uuk1.shop/all/login.php Page URL
Detected technologies
PHP (Programming Languages) ExpandDetected patterns
- \.php(?:$|\?)
Vue.js (JavaScript Frameworks) Expand
Detected patterns
- <[^>]+\sdata-v(?:ue)?-
Akamai Bot Manager (Security) Expand
Detected patterns
Page Statistics
12 Outgoing links
These are links going to different origins than the main page.
Search URL Search Domain Scan URL
Title: 楽天市場へ
Search URL Search Domain Scan URL
Title: ヘルプ
Search URL Search Domain Scan URL
Title: こちら
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Title: ユーザID・パスワードを忘れた場合はこちら
Search URL Search Domain Scan URL
Title: 詳細はこちら
Search URL Search Domain Scan URL
Title: 個人情報保護方針
Search URL Search Domain Scan URL
Title: ユーザID・パスワードを忘れた場合
Search URL Search Domain Scan URL
Title: ヘルプ
Search URL Search Domain Scan URL
Title: 楽天会員に新規登録(無料)してサービスを利用する
Search URL Search Domain Scan URL
Title: 楽天会員とは?
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://rakutenn.wbg-uuk1.shop/all/login.php
HTTP 302
https://rakutenn.wbg-uuk1.shop/ Page URL
-
https://rakutenn.wbg-uuk1.shop/index.php?t=44ffe4f0af281a064a4f12ed571bc2c0a148789f1d11317eea52c3c00f2090d1
HTTP 302
https://rakutenn.wbg-uuk1.shop/tiaozhuan.php HTTP 302
https://rakutenn.wbg-uuk1.shop/all/login.php Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 0- https://rakutenn.wbg-uuk1.shop/all/login.php HTTP 302
- https://rakutenn.wbg-uuk1.shop/
13 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
/
rakutenn.wbg-uuk1.shop/ Redirect Chain
|
1 KB 969 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
vendor.23238u92u82.js
rakutenn.wbg-uuk1.shop/vendor/ |
5 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Primary Request
login.php
rakutenn.wbg-uuk1.shop/all/ Redirect Chain
|
11 KB 3 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
app.0.9624439085575081665565127688.css
rakutenn.wbg-uuk1.shop/all/ |
955 KB 126 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
biao.png
rakutenn.wbg-uuk1.shop/all/ |
2 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
t1.gif
rakutenn.wbg-uuk1.shop/all/ |
43 B 97 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
227.png
rakutenn.wbg-uuk1.shop/all/ |
57 KB 57 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
583.png
rakutenn.wbg-uuk1.shop/all/ |
670 B 718 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
pop1.gif
rakutenn.wbg-uuk1.shop/all/ |
75 B 121 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
2fae23766f9995c7e835a97a65d79bb5ee393f0d.gif
rakutenn.wbg-uuk1.shop/all/ |
442 B 490 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
a46c1695d26e867aad44374959f2d8b107e132df.gif
rakutenn.wbg-uuk1.shop/all/ |
2 KB 2 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
0df7b4bd8fe8ae7fe2878db3af0e63805ad6828e.gif
rakutenn.wbg-uuk1.shop/all/ |
60 B 106 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
18c095c49341e2adefe2eccaad4f01a31adce9cc.gif
rakutenn.wbg-uuk1.shop/all/ |
360 B 408 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Rakuten (E-commerce)0 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
4 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
rakutenn.wbg-uuk1.shop/ | Name: PHPSESSID Value: acrrmas8dirfln38hb0ne8hljb |
|
.rakutenn.wbg-uuk1.shop/ | Name: 62345ba76168db0033ce8ae6a90ce5a762956614 Value: nwcMGFHjQc7nDOZDxhWlbg%3D%3D |
|
.rakutenn.wbg-uuk1.shop/ | Name: _amkc Value: 8d12683a-85fa-491b-b977-823c182a3b8d |
|
.rakutenn.wbg-uuk1.shop/ | Name: ak_bmsc Value: JgGVxRJWxiWUgoZiejEjpvNen%2FyGmy%2BrepvCraq%2BP%2B6N%2F80JsIJFL21ZfNCWelXD9fZF2pTrAVRpAJxPBeJhsf8syW4dMVDCaT3WAjcTwl2l7ZQjlajnlJkh7yb%2FFKX3ZscZh7V0kXHaMmzH1YaShotBKvT9eYa0vv%2FOviMPgMdm%2FN494XNMp1HwtFzbMOtpkWEoUV7hE%2F%2FpNekkS77ptZ2bmp1O02xIwiQpdpWStXY96yA04D0tV9FJtH4IYofFtyhQsoaqW2xpREw2AcbH7ZBfU3Al9yKGdBBQRyEEmi%2FBFcStr77G1JSjwqXGx%2FjS3Opmq4XWHmzVIU8moiIgjXJvcPjvDrMFPCzVWeImR0Ti52UmSc77JiTmTroLv1IG3I9SVeSG2eBDMDhgM4wS78lLiR%2B8y4meNYhd3iKjaFjZ%2ByraU7rkR2%2BFJzLX5mWEdk8gphpOro0eVzh%2BDQ2wQ9tkPtwlp2ekkBAkhESEn7QnmL9pUfKvc6cMZ7uXrb5Vyid8rgfsCwMlm5SkcKNOkKFBi7B37CEugUipE2dsfJ7%2BJ19FFmZ18eq9l22M6qEReHEDMRwph99c2P0DXSKE4azbNTXO3Zr4i%2BNL0%2BeFsPnhZ6QYX98d%2FKx6Fv7BoENsUQ6Y5sE1zvZvgp86%2BiOxjFkiiIlutNanjbp4MQPa6Fst%2BpooxL0YwFK0VbyqsZP%2FE0gzjot6wwJaDoYwAPuR868DXgBnz13smPRLp1LfN%2FqFVS8lfZ%2Bq9oUzTxLS280r |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
rakutenn.wbg-uuk1.shop
134.122.188.174
175cf3a6b7549f715fffaddc3ec5c9f92717e7c5f63b7e36ea9592e091a80a67
33be38e33c8eb9aa13a4ed44c2e2813207bef13a5ba265818e485f0ebbc83f3b
62775ef2856f63d6399abc1d54077916df8d62b16414816012b9ff0fad4efada
789e1012934ea57c6c7a722a6950fdc382db8253f8f5b7d10f185ec475d8b798
7ab9a4d7f597471f82e8ebc6019525cd45f81decff7853062056a3c3417eba59
849cd9d1c481a1b45559f5e833f40e13ee666842e6f8ba72c8e1cad9c8c15f6d
ae52721b582bb82056f1ac44c9a59e7395fb3eeef7d4f81119f2f8adc32a89c8
ae9da3c9a568a7b3602dc54e10c324166db3abe1d3a6892770d6ce6a7cc8c1c6
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
cd0a6790d79e1eb00f30611ba6e552e167998061ab9ddb2f6301a80bf36c8791
d56343b79893b1bf2adb6b90f159b8bb06b982cf461403a4c04f97608bc3aeb7
d8aac016132945bbe5a1f88a60206628c5d7c12e69917cb5fcbee4a7c24440c6
e1039b942a52729c7bd4fe9427a4f8a86816142ef90dd2be9b6ffcd353145a02