www.roouoei.ml
Open in
urlscan Pro
2606:4700:3031::ac43:d6a4
Malicious Activity!
Public Scan
Effective URL: http://www.roouoei.ml/
Submission Tags: phishing rakuten Search All
Submission: On August 21 via api from JP — Scanned from JP
Summary
This is the only time www.roouoei.ml was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Rakuten (E-commerce)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 5 | 91.215.42.31 91.215.42.31 | 57724 (DDOS-GUARD) (DDOS-GUARD) | |
2 | 185.129.100.100 185.129.100.100 | 57724 (DDOS-GUARD) (DDOS-GUARD) | |
23 | 2606:4700:303... 2606:4700:3031::ac43:d6a4 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
29 | 4 |
ASN57724 (DDOS-GUARD, RU)
PTR: ddos-guard.net
check.ddos-guard.net |
Apex Domain Subdomains |
Transfer | |
---|---|---|
23 |
roouoei.ml
www.roouoei.ml |
81 KB |
5 |
gg.gg
1 redirects
gg.gg — Cisco Umbrella Rank: 371107 |
102 KB |
2 |
ddos-guard.net
check.ddos-guard.net — Cisco Umbrella Rank: 216555 |
745 B |
29 | 3 |
Domain | Requested by | |
---|---|---|
23 | www.roouoei.ml |
gg.gg
www.roouoei.ml |
5 | gg.gg |
1 redirects
gg.gg
|
2 | check.ddos-guard.net |
gg.gg
|
29 | 3 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
*.ddos-guard.net Sectigo RSA Domain Validation Secure Server CA |
2022-07-25 - 2023-08-25 |
a year | crt.sh |
This page contains 1 frames:
Primary Page:
http://www.roouoei.ml/
Frame ID: 7694F37A8E2C2C78FD98D5FFE1F770DC
Requests: 30 HTTP requests in this frame
Screenshot
Page Title
【楽天】ログインPage URL History Show full URLs
- http://gg.gg/120rvk Page URL
-
http://gg.gg/120rvk
HTTP 301
http://www.roouoei.ml/ Page URL
Detected technologies
CodeIgniter (Web Frameworks) ExpandDetected patterns
jQuery (JavaScript Libraries) Expand
Detected patterns
- jquery[.-]([\d.]*\d)[^/]*\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- http://gg.gg/120rvk Page URL
-
http://gg.gg/120rvk
HTTP 301
http://www.roouoei.ml/ Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
29 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
120rvk
gg.gg/ |
8 KB 9 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
555 B 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
check
gg.gg/.well-known/ddos-guard/ |
91 KB 92 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
check.js
check.ddos-guard.net/ |
152 B 492 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
POST H/1.1 |
/
gg.gg/.well-known/ddos-guard/mark/ |
0 143 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
XMCXmRSfmK49h6oL
gg.gg/.well-known/ddos-guard/id/ |
68 B 411 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
XMCXmRSfmK49h6oL
check.ddos-guard.net/set/id/ |
68 B 253 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Primary Request
/
www.roouoei.ml/ Redirect Chain
|
9 KB 4 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
ichiba_chat_appender_v1_0.css
www.roouoei.ml/static/css/ |
6 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
jquery-1.12.4.min.js
www.roouoei.ml/static/js/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
hint.js
www.roouoei.ml/static/js/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
id.js
www.roouoei.ml/static/js/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
common_login.css
www.roouoei.ml/static/css/ |
11 KB 3 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
loginstyle.css
www.roouoei.ml/static/css/ |
0 0 |
Stylesheet
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
tls_alert.js
www.roouoei.ml/static/js/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
tls12.js
www.roouoei.ml/static/js/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
rakuten_pc_32px@2x_wm.png
www.roouoei.ml/static/picture/ |
4 KB 4 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
t.gif
www.roouoei.ml/static/picture/ |
43 B 793 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
count.php
www.roouoei.ml/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
stop_540x249.png
www.roouoei.ml/static/picture/ |
57 KB 57 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
rakuten_pc_20px@2x.png
www.roouoei.ml/static/picture/ |
2 KB 3 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
challenger.js
www.roouoei.ml/static/js/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
challenger.css
www.roouoei.ml/static/css/ |
0 0 |
Stylesheet
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
pop.gif
www.roouoei.ml/static/picture/ |
75 B 823 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
sc_scode_switch.js
www.roouoei.ml/static/js/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
rat-main.js
www.roouoei.ml/static/js/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
bg_btn_red_btm.gif
www.roouoei.ml/static/images/ |
442 B 1 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
bg_btn_red_top.gif
www.roouoei.ml/static/images/ |
2 KB 3 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
icon_btn_arrow.gif
www.roouoei.ml/static/images/ |
60 B 808 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
info.gif
www.roouoei.ml/static/images/ |
360 B 1 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Rakuten (E-commerce)8 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch object| navigation number| n number| dfpDelayId8 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.gg.gg/ | Name: __ddgid_ Value: GdREGjJ4RoAchvgk |
|
.gg.gg/ | Name: __ddgmark_ Value: tIsRLcWRSO9NqvXu |
|
.gg.gg/ | Name: __ddg5_ Value: NozTL9MbkK4H6Zqn |
|
.check.ddos-guard.net/ | Name: __ddg2 Value: XMCXmRSfmK49h6oL |
|
.gg.gg/ | Name: __ddg2_ Value: XMCXmRSfmK49h6oL |
|
.gg.gg/ | Name: __ddg1_ Value: 5EVTbOjqrnB3bvUs9BhZ |
|
gg.gg/ | Name: ci_session Value: a%3A5%3A%7Bs%3A10%3A%22session_id%22%3Bs%3A32%3A%22b9e7e5efd660a0481ffa09062319082e%22%3Bs%3A10%3A%22ip_address%22%3Bs%3A11%3A%22186.2.160.6%22%3Bs%3A10%3A%22user_agent%22%3Bs%3A116%3A%22Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F104.0.5112.101+Safari%2F537.36%22%3Bs%3A13%3A%22last_activity%22%3Bi%3A1661070222%3Bs%3A9%3A%22user_data%22%3Bs%3A0%3A%22%22%3B%7D1d384c068a0a4b3752711ca3ac2327b3 |
|
.gg.gg/ | Name: gg_token Value: 35bfba8c2ef0bae38d350065efd0fce36301eb8e5abf71.74992907 |
12 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
check.ddos-guard.net
gg.gg
www.roouoei.ml
185.129.100.100
2606:4700:3031::ac43:d6a4
91.215.42.31
0d09c071eb51ca856189b72351d499a97adc6afd90e36ff2cc753dfa6392b15b
175cf3a6b7549f715fffaddc3ec5c9f92717e7c5f63b7e36ea9592e091a80a67
1e0cb14fdd97b3a92833be439d9678d33bcb441ed952583781d52713f04913eb
2771191104d71c188d9dbdb97ce74cc190b1bd377275e0201bef4648bfc0f186
33be38e33c8eb9aa13a4ed44c2e2813207bef13a5ba265818e485f0ebbc83f3b
3ae6b0aa0ad7a4a3135967f6aa7317820d5b7a4b60e7bebbc0abca7c8fe045c2
62775ef2856f63d6399abc1d54077916df8d62b16414816012b9ff0fad4efada
6da28d7a134d543417892f859bad07f0ac729296d84618a57d30b31810cea58a
781f9640521a0e58c8bfa567d0b6646fd227fb85ff3530f737ebec5998633ce0
78cec57c09590cc44af8aa8213abe587e5d9afb78a3ca7dc1f5bc82c91d07e4a
7ab9a4d7f597471f82e8ebc6019525cd45f81decff7853062056a3c3417eba59
849cd9d1c481a1b45559f5e833f40e13ee666842e6f8ba72c8e1cad9c8c15f6d
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
d8aac016132945bbe5a1f88a60206628c5d7c12e69917cb5fcbee4a7c24440c6
e1039b942a52729c7bd4fe9427a4f8a86816142ef90dd2be9b6ffcd353145a02
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e8ad60f8af33e8db9e91a6b54dab652bafd39d012cd299df50d7b1b5efbc9596
f309b7c03d9cae63a9bedbee6ed655f3dbcdb194132943639344dead5f3b9710