rukatenshofuquqik2.xyz
204.44.76.170
Malicious Activity!
Submission: On March 30 via api from US — Scanned from DE
Summary
TLS certificate: Issued by R3 (the Let's Encrypt intermediate) on March 30th 2022, the same day as the scan. Valid for: 3 months.
This is the only time rukatenshofuquqik2.xyz was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Rakuten (E-commerce)

Domain & IP information
Requests | IP address | ASN | Reverse DNS (PTR) | Hostname served
---|---|---|---|---
20 | 204.44.76.170 | AS8100 (ASN-QUADRANET-GLOBAL, US) | 204.44.76.170.static.quadranet.com | rukatenshofuquqik2.xyz
1 | 23.205.234.224 | AS16625 (AKAMAI-AS, US) | a23-205-234-224.deploy.static.akamaitechnologies.com | static.id.rakuten.co.jp
3 | 52.232.41.74 | AS8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US) | (none shown) | challenger.api.global.rakuten.com
2 | 104.111.218.187 | AS16625 (AKAMAI-AS, US) | a104-111-218-187.deploy.static.akamaitechnologies.com | a.ichiba.jp.rakuten-static.com

Total: 27 requests to 4 IPs across 5 hostnames (the failed www.rakuten.co.jp has no IP row). Only the first IP, on QuadraNet, hosts the lookalike domain; the others are Rakuten's own Akamai and Microsoft-hosted infrastructure.
Requests | Apex domain | Subdomains | Transfer
---|---|---|---
20 | rukatenshofuquqik2.xyz | rukatenshofuquqik2.xyz | 117 KB
3 | rakuten.com | challenger.api.global.rakuten.com (Cisco Umbrella rank 370729) | 9 KB
2 | rakuten-static.com | a.ichiba.jp.rakuten-static.com (Cisco Umbrella rank 126947) | 3 KB
1 | rakuten.co.jp | static.id.rakuten.co.jp (Cisco Umbrella rank 603072); www.rakuten.co.jp (failed) | 11 KB

Total: 27 requests across 4 apex domains.
Requests | Domain | Requested by
---|---|---
20 | rukatenshofuquqik2.xyz | rukatenshofuquqik2.xyz
3 | challenger.api.global.rakuten.com | rukatenshofuquqik2.xyz, challenger.api.global.rakuten.com
2 | a.ichiba.jp.rakuten-static.com | rukatenshofuquqik2.xyz
1 | static.id.rakuten.co.jp | rukatenshofuquqik2.xyz
0 | www.rakuten.co.jp (failed) | rukatenshofuquqik2.xyz

Total: 27 requests across 5 domains. Every request to a Rakuten-owned host is initiated by the lookalike page itself: the kit serves copies of some assets from its own /static/ tree and loads the rest live from Rakuten's origins, which is what makes a cloned login page render and behave like the genuine one.
This site contains no links.
Subject | Issuer | Validity | Valid for | Transparency log
---|---|---|---|---
rukatenshofuquqik.xyz | R3 (Let's Encrypt) | 2022-03-30 to 2022-06-28 | 3 months | crt.sh
*.id.rakuten.co.jp | DigiCert SHA2 Secure Server CA | 2021-07-19 to 2022-07-27 | a year | crt.sh
*.api.global.rakuten.com | DigiCert TLS RSA SHA256 2020 CA1 | 2021-08-27 to 2022-09-21 | a year | crt.sh
*.ichiba.jp.rakuten-static.com | GeoTrust RSA CA 2018 | 2021-09-25 to 2022-09-27 | a year | crt.sh

Two details of the first row matter for triage: the certificate was issued on the day of the scan, and the subject shown is rukatenshofuquqik.xyz, which differs from the scanned host rukatenshofuquqik2.xyz by the trailing "2". Whether the scanned host is a SAN on the same certificate, and whether the operator registered further sibling domains, can be checked against the crt.sh entry.
This page contains 1 frame:
Primary page: https://rukatenshofuquqik2.xyz/
Frame ID: F19CF14284CBE845F2E8D06A1DD46BC1
Requests: 27 HTTP requests in this frame
Outgoing links (links to origins other than the main page): 0
Redirected requests (HTTP redirect chains): none listed
27 HTTP transactions
Method | Protocol | Resource | Path | Size | Transfer | Type | MIME type
---|---|---|---|---|---|---|---
GET | HTTP/2 | / (primary request) | rukatenshofuquqik2.xyz/ | 7 KB | 3 KB | Document | text/html
GET | HTTP/2 | import.css | rukatenshofuquqik2.xyz/static/css/ | 85 B | 187 B | Stylesheet | text/css
GET | HTTP/2 | jquery-1.12.4.min.js | rukatenshofuquqik2.xyz/static/js/ | 95 KB | 33 KB | Script | application/javascript
GET | HTTP/2 | common.js | rukatenshofuquqik2.xyz/static/js/ | 634 B | 412 B | Script | application/javascript
GET | HTTP/2 | util.js | rukatenshofuquqik2.xyz/static/js/ | 2 KB | 635 B | Script | application/javascript
GET | HTTP/2 | id-dfp.js | rukatenshofuquqik2.xyz/static/js/ | 370 B | 333 B | Script | application/javascript
GET | HTTP/2 | tls_alert.js | rukatenshofuquqik2.xyz/static/js/ | 3 KB | 1 KB | Script | application/javascript
GET | HTTP/2 | tls12.js | rukatenshofuquqik2.xyz/static/js/ | 28 B | 97 B | Script | application/javascript
GET | HTTP/2 | Rakuten_sp_28px@2x.png | rukatenshofuquqik2.xyz/static/picture/ | 3 KB | 3 KB | Image | image/png
GET | HTTP/2 | challenger-ja-JP_1b7275d2-e5ab-4.js | rukatenshofuquqik2.xyz/static/js/ | 826 B | 452 B | Script | application/javascript
GET | HTTP/2 | challenger-1b7275d2-e5ab-4f37-ac.css | rukatenshofuquqik2.xyz/static/css/ | 2 KB | 667 B | Stylesheet | text/css
GET | HTTP/2 | pop.gif | rukatenshofuquqik2.xyz/static/picture/ | 187 B | 242 B | Image | image/gif
GET | HTTP/2 | stop_540x249.png | rukatenshofuquqik2.xyz/static/picture/ | 57 KB | 57 KB | Image | image/png
GET | HTTP/2 | sc_scode_switch.js | rukatenshofuquqik2.xyz/static/js/ | 8 KB | 2 KB | Script | application/javascript
GET | HTTP/2 | rat-main.js | rukatenshofuquqik2.xyz/static/js/ | 34 KB | 9 KB | Script | application/javascript
GET | HTTP/2 | common.css | rukatenshofuquqik2.xyz/static/css/ | 2 KB | 836 B | Stylesheet | text/css
GET | HTTP/2 | id.css | rukatenshofuquqik2.xyz/static/css/ | 17 KB | 3 KB | Stylesheet | text/css
GET | HTTP/2 | psm_style.css | rukatenshofuquqik2.xyz/static/css/ | 3 KB | 696 B | Stylesheet | text/css
GET | HTTP/2 | id173fe346f08f1be6ee139ee82913b43c.js | static.id.rakuten.co.jp/static/ | 36 KB | 11 KB | Script | text/javascript
GET | HTTP/2 | icon_circle.gif | rukatenshofuquqik2.xyz/static/image/ | 454 B | 524 B | Image | image/gif
GET | HTTP/1.1 | challenger_ja-JP.js | challenger.api.global.rakuten.com/static/ | 23 KB | 7 KB | Script | application/javascript
GET | HTTP/2 | chevron.png | rukatenshofuquqik2.xyz/static/image/ | 371 B | 419 B | Image | image/png
POST | HTTP/1.1 | c | challenger.api.global.rakuten.com/v1.0/ | 565 B | 913 B | XHR | application/json
GET | HTTP/2 | s_accountSetting.js | a.ichiba.jp.rakuten-static.com/com/rat/id.rakuten.co.jp/ | 4 KB | 2 KB | Script | application/javascript
GET | HTTP/2 | s_codeCommon.js | a.ichiba.jp.rakuten-static.com/com/rat/id.rakuten.co.jp/ | 2 KB | 1013 B | Script | application/javascript
GET | (none, failed) | s_customTracking.js | www.rakuten.co.jp/com/rat/id.rakuten.co.jp/ | 0 | 0 | (no response) | (none)
GET | HTTP/1.1 | m | challenger.api.global.rakuten.com/v1.0/ | 44 B | 450 B | XHR | application/json

Of the 27 requests, 20 are served by the lookalike host itself, including local copies of Rakuten-branded assets (Rakuten_sp_28px@2x.png, id.css, rat-main.js, the challenger-* script and stylesheet). The remaining 7 go to Rakuten's own origins: the Rakuten ID script from static.id.rakuten.co.jp, the Challenger script and its /v1.0/c (POST) and /v1.0/m (GET) API calls on challenger.api.global.rakuten.com, and the s_*.js tracking scripts under /com/rat/id.rakuten.co.jp/, one of which (from www.rakuten.co.jp) got no response. A legitimate-looking backend call from a phishing page is not evidence that the page is legitimate; here it shows the clone is faithful enough to complete the real site's client-side handshake.
Failed requests
These URLs were requested but no response was received; they also appear in the list above.
- Domain: www.rakuten.co.jp
- URL: https://www.rakuten.co.jp/com/rat/id.rakuten.co.jp/s_customTracking.js
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan: Phishing against Rakuten (E-commerce)

28 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. They can help identify the client-side frameworks and code a page uses.

Name | Type
---|---
structuredClone | function
oncontextlost | object
oncontextrestored | object
getScreenDetails | function
$ | function
jQuery | function
doScroll | function
__id_conf | object
__id | boolean
tls12Callback | function
setLang | function
setLangJa | function
setLangEn | function
setLangCn | function
mkfpForms | function
mkfp | function
Fingerprint2 | function
__challenger_conf | object
Challenger | object
__challenger | object
__challenger_stats | object
__challenger_events | object
doRefresh | boolean
Fingerprint2Shrinked | function
trackingParam | object
s | string
accountSetting | object
rakutenSC0 | object

The first four (structuredClone, oncontextlost, oncontextrestored, getScreenDetails) are Chromium built-ins newer than the scanner's baseline list, not page code. The rest line up with the scripts in the request list: jQuery ($, jQuery), the FingerprintJS2 library (Fingerprint2), the Challenger script fetched from challenger.api.global.rakuten.com (Challenger, __challenger, __challenger_conf, __challenger_stats, __challenger_events), and names that appear to belong to the Rakuten ID script from static.id.rakuten.co.jp (__id, __id_conf) and the s_*.js tracking scripts from a.ichiba.jp.rakuten-static.com (s, accountSetting, trackingParam, rakutenSC0). The setLang*, tls12Callback and doRefresh helpers match the kit's own tls12.js, tls_alert.js and common.js served from the lookalike host.

Cookies
Cookies are small pieces of information stored in the user's browser. When the user visits the site again, the browser sends the cookie values back, which lets the site re-identify the user even from a different location. This is how persistent logins work.
4 Console Messages
A page may log messages to the console. These are often error messages about being unable to load a resource or execute a piece of JavaScript; sometimes they also give insight into the technology behind a website.
Indicators
"Indicator" is the security-industry term for artefacts such as IPs, domains and hashes. Listing them here does not imply that any of them is malicious: four of the five hostnames and three of the four IPs below belong to Rakuten or its CDN and cloud providers. The indicators specific to this phishing page are rukatenshofuquqik2.xyz and 204.44.76.170; blocking the others would block Rakuten itself.

Domains:
- a.ichiba.jp.rakuten-static.com
- challenger.api.global.rakuten.com
- rukatenshofuquqik2.xyz
- static.id.rakuten.co.jp
- www.rakuten.co.jp

IPs:
- 104.111.218.187
- 204.44.76.170
- 23.205.234.224
- 52.232.41.74