mercari-info.jp
Open in
urlscan Pro
115.144.69.115
Malicious Activity!
Public Scan
Submission: On September 16 via manual from JP — Scanned from JP
Summary
This is the only time mercari-info.jp was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Mercari (E-commerce)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
11 | 115.144.69.115 115.144.69.115 | 9286 (KINXIDC-A...) (KINXIDC-AS-KR KINX) | |
1 | 120.52.95.243 120.52.95.243 | 133119 (UNICOM-CN...) (UNICOM-CN China Unicom IP network) | |
1 | 183.131.207.66 183.131.207.66 | 136190 (CHINATELE...) (CHINATELECOM-ZHEJIANG-JINHUA-IDC JINHUA) | |
2 | 142.250.4.97 142.250.4.97 | 15169 (GOOGLE) (GOOGLE) | |
2 | 157.240.235.1 157.240.235.1 | 32934 (FACEBOOK) (FACEBOOK) | |
1 | 74.125.24.155 74.125.24.155 | 15169 (GOOGLE) (GOOGLE) | |
5 | 142.250.4.102 142.250.4.102 | 15169 (GOOGLE) (GOOGLE) | |
2 | 157.240.235.35 157.240.235.35 | 32934 (FACEBOOK) (FACEBOOK) | |
1 | 74.125.200.155 74.125.200.155 | 15169 (GOOGLE) (GOOGLE) | |
2 | 172.217.194.99 172.217.194.99 | 15169 (GOOGLE) (GOOGLE) | |
2 | 172.217.194.94 172.217.194.94 | 15169 (GOOGLE) (GOOGLE) | |
1 | 74.125.68.155 74.125.68.155 | 15169 (GOOGLE) (GOOGLE) | |
31 | 12 |
ASN136190 (CHINATELECOM-ZHEJIANG-JINHUA-IDC JINHUA, ZHEJIANG Province, P.R.China., CN)
ia.51.la |
ASN15169 (GOOGLE, US)
PTR: sm-in-f97.1e100.net
www.googletagmanager.com |
ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-04-sin6.fbcdn.net
connect.facebook.net |
ASN15169 (GOOGLE, US)
PTR: sf-in-f155.1e100.net
www.googleadservices.com |
ASN15169 (GOOGLE, US)
PTR: sm-in-f102.1e100.net
www.google-analytics.com |
ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-04-sin6.facebook.com
www.facebook.com |
ASN15169 (GOOGLE, US)
PTR: sa-in-f155.1e100.net
googleads.g.doubleclick.net |
ASN15169 (GOOGLE, US)
PTR: sc-in-f155.1e100.net
stats.g.doubleclick.net |
Apex Domain Subdomains |
Transfer | |
---|---|---|
11 |
mercari-info.jp
mercari-info.jp |
73 KB |
5 |
google-analytics.com
www.google-analytics.com |
21 KB |
2 |
google.co.jp
www.google.co.jp |
632 B |
2 |
google.com
www.google.com |
632 B |
2 |
doubleclick.net
googleads.g.doubleclick.net stats.g.doubleclick.net |
2 KB |
2 |
facebook.com
www.facebook.com |
507 B |
2 |
facebook.net
connect.facebook.net |
114 KB |
2 |
googletagmanager.com
www.googletagmanager.com |
110 KB |
2 |
51.la
js.users.51.la ia.51.la |
6 KB |
1 |
googleadservices.com
www.googleadservices.com |
14 KB |
31 | 10 |
Domain | Requested by | |
---|---|---|
11 | mercari-info.jp |
mercari-info.jp
|
5 | www.google-analytics.com |
www.googletagmanager.com
www.google-analytics.com |
2 | www.google.co.jp |
mercari-info.jp
|
2 | www.google.com |
mercari-info.jp
|
2 | www.facebook.com |
mercari-info.jp
|
2 | connect.facebook.net |
mercari-info.jp
connect.facebook.net |
2 | www.googletagmanager.com |
mercari-info.jp
|
1 | stats.g.doubleclick.net |
www.google-analytics.com
|
1 | googleads.g.doubleclick.net |
www.googleadservices.com
|
1 | www.googleadservices.com |
www.googletagmanager.com
|
1 | ia.51.la |
mercari-info.jp
|
1 | js.users.51.la |
mercari-info.jp
|
31 | 12 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
*.google-analytics.com GTS CA 1C3 |
2021-08-30 - 2021-11-22 |
3 months | crt.sh |
*.facebook.com DigiCert SHA2 High Assurance Server CA |
2021-07-20 - 2021-10-18 |
3 months | crt.sh |
*.g.doubleclick.net GTS CA 1C3 |
2021-08-23 - 2021-11-15 |
3 months | crt.sh |
www.google.com GTS CA 1C3 |
2021-08-30 - 2021-11-22 |
3 months | crt.sh |
*.google.co.jp GTS CA 1C3 |
2021-08-30 - 2021-11-22 |
3 months | crt.sh |
*.google.com GTS CA 1C3 |
2021-08-30 - 2021-11-22 |
3 months | crt.sh |
This page contains 1 frames:
Primary Page:
http://mercari-info.jp/
Frame ID: 78B133E146A10E237A7B1CF3F71BE14C
Requests: 31 HTTP requests in this frame
Screenshot
Page Title
電話番号の確認 - メルカリ スマホでかんたん フリマアプリDetected technologies
Facebook (Widgets) ExpandDetected patterns
- //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Google Analytics (Analytics) Expand
Detected patterns
- google-analytics\.com/(?:ga|urchin|analytics)\.js
Google Tag Manager (Tag Managers) Expand
Detected patterns
- <!-- (?:End )?Google Tag Manager -->
- googletagmanager\.com/gtm\.js
- googletagmanager\.com/gtag/js
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 15- http://www.googletagmanager.com/gtag/js?id=G-4NLR7T2LEN&l=dataLayer&cx=c HTTP 307
- https://www.googletagmanager.com/gtag/js?id=G-4NLR7T2LEN&l=dataLayer&cx=c
31 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
Primary Request
Cookie set
/
mercari-info.jp/ |
5 KB 3 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
app.jp.css
mercari-info.jp/css/ |
343 KB 65 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
21191397.js
js.users.51.la/ |
5 KB 6 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
logo.svg
mercari-info.jp/img/ |
2 KB 3 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
logo-gray.svg
mercari-info.jp/img/ |
2 KB 2 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
go1
ia.51.la/ |
0 216 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
SourceSansPro-Semibold.ttf.woff2
mercari-info.jp/jp/assets/fonts/ |
0 0 |
Font
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
SourceSansPro-Regular.ttf.woff2
mercari-info.jp/jp/assets/fonts/ |
0 0 |
Font
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
icon-font.woff
mercari-info.jp/fonts/ |
0 0 |
Font
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
gtm.js
www.googletagmanager.com/ |
202 KB 60 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
fbevents.js
connect.facebook.net/en_US/ |
99 KB 26 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
SourceSansPro-Semibold.otf.woff
mercari-info.jp/jp/assets/fonts/ |
0 0 |
Font
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
SourceSansPro-Regular.otf.woff
mercari-info.jp/jp/assets/fonts/ |
0 0 |
Font
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
icon-font.ttf
mercari-info.jp/fonts/ |
0 0 |
Font
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
SourceSansPro-Regular.ttf
mercari-info.jp/jp/assets/fonts/ |
0 0 |
Font
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
3765626403484289
connect.facebook.net/signals/config/ |
306 KB 87 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
js
www.googletagmanager.com/gtag/ Redirect Chain
|
127 KB 50 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
conversion_async.js
www.googleadservices.com/pagead/ |
36 KB 14 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
analytics.js
www.google-analytics.com/ |
48 KB 20 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
collect
www.google-analytics.com/g/ |
0 170 B |
Ping
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
www.facebook.com/tr/ |
44 B 416 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/880621981/ |
2 KB 2 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
ec.js
www.google-analytics.com/plugins/ua/ |
3 KB 1 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H3 |
collect
www.google-analytics.com/j/ |
2 B 22 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
www.google.com/pagead/1p-user-list/880621981/ |
42 B 569 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
www.google.co.jp/pagead/1p-user-list/880621981/ |
42 B 569 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
collect
stats.g.doubleclick.net/j/ |
7 B 465 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
ga-audiences
www.google.com/ads/ |
42 B 63 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
ga-audiences
www.google.co.jp/ads/ |
42 B 63 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
/
www.facebook.com/tr/ |
44 B 91 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H3 |
collect
www.google-analytics.com/g/ |
0 17 B |
Ping
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Mercari (E-commerce)20 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| onbeforexrselect boolean| originAgentCluster object| onorientationchange number| orientation object| dataLayer function| fbq function| _fbq object| google_tag_manager function| postscribe object| google_tag_manager_external object| google_tag_data string| GoogleAnalyticsObject function| ga object| gaGlobal function| onYouTubeIframeAPIReady function| GooglemKTybQhCsO function| google_trackConversion object| GooglebQhCsO object| gaplugins object| gaData11 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
mercari-info.jp/ | Name: PHPSESSID Value: 2vg4lqcidiuep2afatbgkg27a7 |
|
mercari-info.jp/ | Name: __tins__21191397 Value: %7B%22sid%22%3A%201631803728540%2C%20%22vd%22%3A%201%2C%20%22expires%22%3A%201631805528540%7D |
|
mercari-info.jp/ | Name: __51cke__ Value: |
|
mercari-info.jp/ | Name: __51laig__ Value: 1 |
|
.mercari-info.jp/ | Name: _gcl_au Value: 1.1.1129777016.1631803729 |
|
.mercari-info.jp/ | Name: _fbp Value: fb.1.1631803729589.506852755 |
|
.mercari-info.jp/ | Name: _ga Value: GA1.2.1508759447.1631803730 |
|
.mercari-info.jp/ | Name: _gid Value: GA1.2.950820981.1631803730 |
|
.mercari-info.jp/ | Name: _gat Value: 1 |
|
.doubleclick.net/ | Name: test_cookie Value: CheckForPermission |
|
.mercari-info.jp/ | Name: _ga_4NLR7T2LEN Value: GS1.1.1631803729.1.0.1631803730.0 |
7 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
connect.facebook.net
googleads.g.doubleclick.net
ia.51.la
js.users.51.la
mercari-info.jp
stats.g.doubleclick.net
www.facebook.com
www.google-analytics.com
www.google.co.jp
www.google.com
www.googleadservices.com
www.googletagmanager.com
115.144.69.115
120.52.95.243
142.250.4.102
142.250.4.97
157.240.235.1
157.240.235.35
172.217.194.94
172.217.194.99
183.131.207.66
74.125.200.155
74.125.24.155
74.125.68.155
058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c
0f34f7d169129d40b428ac87ea520dce5c3acafe7d25699aaddf13a3b381d150
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
1f2a94fcb339af6ba391e427462d5768c1034360a71bb86916aefa4ba0a24b30
2bd7a2c113455cb6a015b33188207c2f7f5b5e7c584ce1ea4f8b0a1e990da133
2eeb747198c47ffced7967aa661db7e8031fd17b705d4d856a455db168829b9b
335b59e615135313a66319e641cdad6ac3489a600e04d4181c859699bed4babe
993b2ded15ecc138a309b06169a07a35560fd01234717c0344a7b28979b77fd1
a5feea0a78c0027e0565b6f0cb360b65e67d24c4300defb266fa9ff1dc89e4a1
aaa7c8e816cb1c81ac4a96bc77aea1fd1f9c8b4a6939831332893ccff324de11
ad13c872922cb4e74347d611b02af3ef20560187f640aaf5b454a7f34a9bd0b6
c34314d5a1ed21e59573ab93bc0d603a844cae469c206baa62c595f07e96b1bd
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eb5d97674df692a1990caf79ce8de45614f030ccac236363e79c83a654d199aa
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f4c823301da0441f633837b7b207f4711269ff5c49e8d82f66df3324031a30cc
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62