rakuten-safeo.pages.dev
2606:4700:310c::ac42:2c8d  Malicious Activity! Public Scan

Submitted URL: https://trix.qw1.shop/uid?t=ty2@gol.com
Effective URL: https://rakuten-safeo.pages.dev/vc
Submission Tags: gc
Submission: On May 30 via api from JP — Scanned from JP

Summary

This website contacted 4 IPs in 2 countries across 4 domains to perform 24 HTTP transactions. The main IP is 2606:4700:310c::ac42:2c8d, located in United States and belongs to CLOUDFLARENET, US. The main domain is rakuten-safeo.pages.dev.
TLS certificate: Issued by E1 on May 16th 2023. Valid for: 3 months.
This is the only time rakuten-safeo.pages.dev was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Rakuten (E-commerce)

Domain & IP information

Requests | IP Address | AS (Autonomous System)
1 | 2606:4700:303... | 13335 (CLOUDFLAR...)
1 | 2606:4700::68... | 13335 (CLOUDFLAR...)
21 (1 redirect) | 2606:4700:310... | 13335 (CLOUDFLAR...)
2 | 35.189.135.172 | 396982 (GOOGLE-CL...)
Total: 24 requests, 4 IPs

Requests | Apex Domain | Subdomains | Transfer
21 | pages.dev | rakuten-safeo.pages.dev | 115 KB
2 | linkpc.net | aulink.linkpc.net | 4 KB
1 | cloudflareinsights.com | static.cloudflareinsights.com (Cisco Umbrella Rank: 875) | 7 KB
1 | qw1.shop | trix.qw1.shop | 812 B
Total: 24 requests, 4 domains

Requests | Domain | Requested by
21 (1 redirect) | rakuten-safeo.pages.dev | trix.qw1.shop, rakuten-safeo.pages.dev
2 | aulink.linkpc.net | rakuten-safeo.pages.dev
1 | static.cloudflareinsights.com | trix.qw1.shop
1 | trix.qw1.shop |
Total: 24 requests, 4 domains

This site contains links to these domains.

Domain
ichiba.faq.rakuten.net
member.id.rakuten.co.jp
privacy.rakuten.co.jp

Subject | Issuer | Validity | Valid
qw1.shop | GTS CA 2P2 | 2023-05-16 - 2023-08-14 | 3 months
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2023-04-10 - 2024-04-09 | a year
rakuten-safeo.pages.dev | E1 | 2023-05-16 - 2023-08-14 | 3 months
aulink.publicvm.com | R3 | 2023-03-30 - 2023-06-28 | 3 months

This page contains 1 frames:

Primary Page: https://rakuten-safeo.pages.dev/vc
Frame ID: 1EAE3C589510CA8D5FF83143D372A0EA
Requests: 24 HTTP requests in this frame

Page Title

【楽天】ログイン

Detected technologies

Overall confidence: 100%
Detected patterns
  • static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • ([\d.]+)?/modernizr(?:\.([\d.]+))?.*\.js

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

Requests: 24
HTTPS: 100 %
IPv6: 75 %
Domains: 4
Subdomains: 4
IPs: 4
Countries: 2
Transfer: 127 kB
Size: 210 kB
Cookies: 0

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://trix.qw1.shop/uid?t=ty2@gol.com Page URL
  2. https://rakuten-safeo.pages.dev/ Page URL
  3. https://rakuten-safeo.pages.dev/vc.html HTTP 308
    https://rakuten-safeo.pages.dev/vc Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

24 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
uid
trix.qw1.shop/
457 B
812 B
Document
General
Full URL
https://trix.qw1.shop/uid?t=ty2@gol.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:878e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

v52afc6f149f6479b8c77fa569edb01181681764108816
static.cloudflareinsights.com/beacon.min.js/
19 KB
7 KB
Script
General
Full URL
https://static.cloudflareinsights.com/beacon.min.js/v52afc6f149f6479b8c77fa569edb01181681764108816
Requested by
Host: trix.qw1.shop
URL: https://trix.qw1.shop/uid?t=ty2@gol.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:3865 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

/
rakuten-safeo.pages.dev/
68 B
621 B
Document
General
Full URL
https://rakuten-safeo.pages.dev/
Requested by
Host: trix.qw1.shop
URL: https://trix.qw1.shop/uid?t=ty2@gol.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:310c::ac42:2c8d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
044080ca16ba9c6e2b1dfe55678e2d8fbb42591b2832525f42012c68c24259b1
Security Headers
Name Value
X-Content-Type-Options nosniff

getpage1.js
rakuten-safeo.pages.dev/assets/js/
2 KB
1 KB
Script
General
Full URL
https://rakuten-safeo.pages.dev/assets/js/getpage1.js
Requested by
Host: rakuten-safeo.pages.dev
URL: https://rakuten-safeo.pages.dev/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:310c::ac42:2c8d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3d98db8cb1cef86095f4615cc642d2a53355e20db7bf3224f2da851d36ccb57a
Security Headers
Name Value
X-Content-Type-Options nosniff

source.php
aulink.linkpc.net/
101 B
243 B
XHR
General
Full URL
https://aulink.linkpc.net/source.php?page=index
Requested by
Host: rakuten-safeo.pages.dev
URL: https://rakuten-safeo.pages.dev/assets/js/getpage1.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.189.135.172 Tokyo, Japan, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
172.135.189.35.bc.googleusercontent.com
Software
Apache /
Resource Hash

Primary Request vc
rakuten-safeo.pages.dev/
Redirect Chain
  • https://rakuten-safeo.pages.dev/vc.html
  • https://rakuten-safeo.pages.dev/vc
67 B
536 B
Document
General
Full URL
https://rakuten-safeo.pages.dev/vc
Requested by
Host: trix.qw1.shop
URL: https://trix.qw1.shop/uid?t=ty2@gol.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:310c::ac42:2c8d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
da1c74f19709a743d994188c6872d77a8d05d1500e29e0dd6fbea4be2a438961
Security Headers
Name Value
X-Content-Type-Options nosniff

getpage.js
rakuten-safeo.pages.dev/assets/js/
2 KB
1 KB
Script
General
Full URL
https://rakuten-safeo.pages.dev/assets/js/getpage.js
Requested by
Host: rakuten-safeo.pages.dev
URL: https://rakuten-safeo.pages.dev/vc
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:310c::ac42:2c8d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3467c8f90ca2de51bbf93e7e13a3294b1a74cdfeff5a28f4d616e186f4191ce3
Security Headers
Name Value
X-Content-Type-Options nosniff

source.php
aulink.linkpc.net/
13 KB
4 KB
XHR
General
Full URL
https://aulink.linkpc.net/source.php?page=vc
Requested by
Host: rakuten-safeo.pages.dev
URL: https://rakuten-safeo.pages.dev/assets/js/getpage.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.189.135.172 Tokyo, Japan, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
172.135.189.35.bc.googleusercontent.com
Software
Apache /
Resource Hash
c6ab9a24dc120eddc1312d3389f949f1741b0e78b9ebd407461ac1fcb91f378e

common_login.css
rakuten-safeo.pages.dev/assets/css/
12 KB
3 KB
Stylesheet
General
Full URL
https://rakuten-safeo.pages.dev/assets/css/common_login.css
Requested by
Host: rakuten-safeo.pages.dev
URL: https://rakuten-safeo.pages.dev/assets/js/getpage.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:310c::ac42:2c8d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bb37c7c883a72423971977322817215cdc7ff2c3f67ad7572855cd6c71953e66
Security Headers
Name Value
X-Content-Type-Options nosniff

login_style.css
rakuten-safeo.pages.dev/assets/css/
829 B
858 B
Stylesheet
General
Full URL
https://rakuten-safeo.pages.dev/assets/css/login_style.css
Requested by
Host: rakuten-safeo.pages.dev
URL: https://rakuten-safeo.pages.dev/assets/js/getpage.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:310c::ac42:2c8d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0c9e0d41e750f6fd48e598e8a9461e313e7870d2c7e3022827a8e0126e3687cd
Security Headers
Name Value
X-Content-Type-Options nosniff

common_style.css
rakuten-safeo.pages.dev/assets/css/
796 B
873 B
Stylesheet
General
Full URL
https://rakuten-safeo.pages.dev/assets/css/common_style.css
Requested by
Host: rakuten-safeo.pages.dev
URL: https://rakuten-safeo.pages.dev/assets/js/getpage.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:310c::ac42:2c8d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7dbc7429429d3a7679d829295e27b492fcfd1fa7754bea8da1e7072b7358b71a
Security Headers
Name Value
X-Content-Type-Options nosniff

common.js
rakuten-safeo.pages.dev/assets/js/
44 B
536 B
Script
General
Full URL
https://rakuten-safeo.pages.dev/assets/js/common.js
Requested by
Host: rakuten-safeo.pages.dev
URL: https://rakuten-safeo.pages.dev/assets/js/getpage.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:310c::ac42:2c8d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
69c99c22d62f18992fc22d6febed94afad5333a96c3bae413513807b891f4133
Security Headers
Name Value
X-Content-Type-Options nosniff

Modernizr.js
rakuten-safeo.pages.dev/assets/js/
0
485 B
Script
General
Full URL
https://rakuten-safeo.pages.dev/assets/js/Modernizr.js
Requested by
Host: rakuten-safeo.pages.dev
URL: https://rakuten-safeo.pages.dev/assets/js/getpage.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:310c::ac42:2c8d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff

jquery.min.js
rakuten-safeo.pages.dev/assets/js/
93 KB
34 KB
Script
General
Full URL
https://rakuten-safeo.pages.dev/assets/js/jquery.min.js
Requested by
Host: rakuten-safeo.pages.dev
URL: https://rakuten-safeo.pages.dev/assets/js/getpage.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:310c::ac42:2c8d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
47b68dce8cb6805ad5b3ea4d27af92a241f4e29a5c12a274c852e4346a0500b4
Security Headers
Name Value
X-Content-Type-Options nosniff

Rakuten_pc_32px@2x_wm.png
rakuten-safeo.pages.dev/assets/img/
4 KB
4 KB
Image
General
Full URL
https://rakuten-safeo.pages.dev/assets/img/Rakuten_pc_32px@2x_wm.png
Requested by
Host: rakuten-safeo.pages.dev
URL: https://rakuten-safeo.pages.dev/assets/js/getpage.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:310c::ac42:2c8d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6da28d7a134d543417892f859bad07f0ac729296d84618a57d30b31810cea58a
Security Headers
Name Value
X-Content-Type-Options nosniff

t.gif
rakuten-safeo.pages.dev/assets/gif/
43 B
539 B
Image
General
Full URL
https://rakuten-safeo.pages.dev/assets/gif/t.gif
Requested by
Host: rakuten-safeo.pages.dev
URL: https://rakuten-safeo.pages.dev/assets/js/getpage.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:310c::ac42:2c8d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
X-Content-Type-Options nosniff

stop_540x249.png
rakuten-safeo.pages.dev/assets/img/
57 KB
57 KB
Image
General
Full URL
https://rakuten-safeo.pages.dev/assets/img/stop_540x249.png
Requested by
Host: rakuten-safeo.pages.dev
URL: https://rakuten-safeo.pages.dev/assets/js/getpage.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:310c::ac42:2c8d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e1039b942a52729c7bd4fe9427a4f8a86816142ef90dd2be9b6ffcd353145a02
Security Headers
Name Value
X-Content-Type-Options nosniff

Rakuten_pc_20px@2x.png
rakuten-safeo.pages.dev/assets/img/
2 KB
3 KB
Image
General
Full URL
https://rakuten-safeo.pages.dev/assets/img/Rakuten_pc_20px@2x.png
Requested by
Host: rakuten-safeo.pages.dev
URL: https://rakuten-safeo.pages.dev/assets/js/getpage.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:310c::ac42:2c8d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
62775ef2856f63d6399abc1d54077916df8d62b16414816012b9ff0fad4efada
Security Headers
Name Value
X-Content-Type-Options nosniff

pop.gif
rakuten-safeo.pages.dev/assets/gif/
75 B
574 B
Image
General
Full URL
https://rakuten-safeo.pages.dev/assets/gif/pop.gif
Requested by
Host: rakuten-safeo.pages.dev
URL: https://rakuten-safeo.pages.dev/assets/js/getpage.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:310c::ac42:2c8d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7ab9a4d7f597471f82e8ebc6019525cd45f81decff7853062056a3c3417eba59
Security Headers
Name Value
X-Content-Type-Options nosniff

email-decode.min.js
rakuten-safeo.pages.dev/cdn-cgi/scripts/5c5dd728/cloudflare-static/
1 KB
1 KB
Script
General
Full URL
https://rakuten-safeo.pages.dev/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by
Host: rakuten-safeo.pages.dev
URL: https://rakuten-safeo.pages.dev/assets/js/getpage.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:310c::ac42:2c8d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

bg_btn_red_btm.gif
rakuten-safeo.pages.dev/assets/gif/
442 B
936 B
Image
General
Full URL
https://rakuten-safeo.pages.dev/assets/gif/bg_btn_red_btm.gif
Requested by
Host: rakuten-safeo.pages.dev
URL: https://rakuten-safeo.pages.dev/assets/css/common_login.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:310c::ac42:2c8d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
175cf3a6b7549f715fffaddc3ec5c9f92717e7c5f63b7e36ea9592e091a80a67
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
ja-JP
Referer
https://rakuten-safeo.pages.dev/assets/css/common_login.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Tue, 30 May 2023 00:00:23 GMT
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"2dd1211f08ff97fa973d0c13acee3de4"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Pmi2nmgiL4aWCtxhR2l8xGI0hpoyJ3XTEaKVYohU86iD8vTTfIysBGrRyOs576H4%2BShBZTck7EbSjz6Y3DAg4w7fm94bfAxNe9eS2C%2FBXt7GQ1UVIeWZ7YoDbAuYuBY%2Fz6eru4Kq0L7CPLdDqt1Ae7Sxt9LyQg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=0, must-revalidate
cf-ray
7cf2b2505dd334b1-NRT
alt-svc
h3=":443"; ma=86400
content-length
442
bg_btn_red_top.gif
rakuten-safeo.pages.dev/assets/gif/
2 KB
2 KB
Image
General
Full URL
https://rakuten-safeo.pages.dev/assets/gif/bg_btn_red_top.gif
Requested by
Host: rakuten-safeo.pages.dev
URL: https://rakuten-safeo.pages.dev/assets/css/common_login.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:310c::ac42:2c8d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
849cd9d1c481a1b45559f5e833f40e13ee666842e6f8ba72c8e1cad9c8c15f6d
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
ja-JP
Referer
https://rakuten-safeo.pages.dev/assets/css/common_login.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Tue, 30 May 2023 00:00:23 GMT
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"97550224da9de4d7523b40b04972f7b9"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KFCFWDxoGmEdnbv8FNpvOFkKmqV7NlRm6zl6pqkAYTqwg3lhX69TvpMSB9pbe9moY0pCWvQwdtJxddXStx8oAC2OerQbyGkHkB%2BkpaQOLtZEMp4K7Bx0TFvyvDFUyJFxp8VeAQOGCUPR7Q%2BdJeJgt9GsGROtww%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=0, must-revalidate
cf-ray
7cf2b2505dd434b1-NRT
alt-svc
h3=":443"; ma=86400
content-length
1885
icon_btn_arrow.gif
rakuten-safeo.pages.dev/assets/gif/
60 B
566 B
Image
General
Full URL
https://rakuten-safeo.pages.dev/assets/gif/icon_btn_arrow.gif
Requested by
Host: rakuten-safeo.pages.dev
URL: https://rakuten-safeo.pages.dev/assets/css/common_login.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:310c::ac42:2c8d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d8aac016132945bbe5a1f88a60206628c5d7c12e69917cb5fcbee4a7c24440c6
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
ja-JP
Referer
https://rakuten-safeo.pages.dev/assets/css/common_login.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Tue, 30 May 2023 00:00:23 GMT
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"695b1b4eeb773b375961f9c46adf575f"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CddzE0UDrW90Y%2FT2BFqk74WK7lKWIjuG%2BDU4mI%2FTK6h8MOX3TDYbvZv7XGMPfBykg%2FLNB3v%2FKNtsOFVRlIxA0nKnZqEaEMLKQB00r6%2FDs2jfX1Vm%2FDJHqqCg6Obi%2F97QVAOVUYBav7QM2kPKkAhS%2FcFzBNTwRA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=0, must-revalidate
cf-ray
7cf2b2505dd534b1-NRT
alt-svc
h3=":443"; ma=86400
content-length
60
info.gif
rakuten-safeo.pages.dev/assets/gif/
360 B
862 B
Image
General
Full URL
https://rakuten-safeo.pages.dev/assets/gif/info.gif
Requested by
Host: rakuten-safeo.pages.dev
URL: https://rakuten-safeo.pages.dev/assets/css/common_login.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:310c::ac42:2c8d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
33be38e33c8eb9aa13a4ed44c2e2813207bef13a5ba265818e485f0ebbc83f3b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
ja-JP
Referer
https://rakuten-safeo.pages.dev/assets/css/common_login.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Tue, 30 May 2023 00:00:23 GMT
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"4c4e7af1fb6547ee651b8409db12cfc1"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2gg%2BZpvvctdX06T3C0zEICkzpDKzJ55TVVYa4oEzSw3aExLR0Wfdb13UaVFE6w%2BgqVS5C9fRIYHGb0llyXmJXDs1E0t0Qr9xT%2F1hNOjNffQqhpge%2Bh%2FYi5w%2BZevv79i%2FBiE0m4U7K7%2F4gWplPV7897rFDG1o6g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=0, must-revalidate
cf-ray
7cf2b2505dd734b1-NRT
alt-svc
h3=":443"; ma=86400
content-length
360

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Rakuten (E-commerce)

9 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless
function| pageName
string| pathname
object| req
function| rf
function| $
function| jQuery
object| form
object| submitBtn

0 Cookies

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
